SlideShare a Scribd company logo

Correlation: Why It's Important to Your Security Infrastructure

Download as PPTX, PDF
identityautomation
identityautomation

We broke down what correlation is, it's 3 main components, and what it means to identity and access management. It could also be important to your organization's security infrastructure.

Technology
1 of 26
Do You Need Correlation? Breaking Down Correlation and What it Means to Identity Management
“Do you need correlation?”
It’s a question we keep discussing with prospects and customers… And it’s clear there’s a lack of understanding around correlation and its place in an identity management platform.
What is correlation? When is it needed? How does it support an identity management platform and security infrastructure?
There are three kinds of correlation: • Identity Correlation • Event Correlation • Behavioral Correlation
Let’s take a closer look at all three…
Identity Correlation
Identity Correlation – What is it? Identity Correlation reconciles and validates proper ownership of user account IDs throughout an organization & links ownership of those user account IDs to individuals using a unique identifier. In other words, Identity Correlation provides context to user account IDs.
This is Jane Smith. She works as a Marketing Manager for XYZ Corp. To XYZ Corp’s security technology systems, Jane exists as JSmith. Identity Correlation – How it Works
Identity Correlation links JSmith to the access Jane needs to do her job. As a marketing manager, Jane needs access to Google Apps, Salesforce.com and Hubspot. She does not need access to JIRA, used by the engineering team. Identity Correlation – How it Works JSmith
Identity Correlation can show data discrepancies, like if Jane suddenly had access to JIRA. If that happened, Identity Correlation would show XYZ Corp’s IT staff that they need to remove that access for her. Identity Correlation – How it Works
Identity management platforms should provide identity correlation as a core function of the product. Identity Correlation & Identity Management
Event Correlation
Event correlation looks at events happening in a window of time. It is the process of examining events, interactions of events, and then determining which events and interactions are important. Event Correlation – What is it?
Event correlation is handled by a Security Information and Event Management (SIEM) tool. When properly configured, a SIEM tool will determine event correlations and raise alerts when needed. Event Correlation – What is it?
Event Correlation – How it Works Jane logs into her computer in Barcelona… …but then swipes her employee badge in Jakarta… That shouldn’t be possible! A SIEM tool would alert her IT staff so proper containment steps could be taken.
A SIEM tool directly handles event correlation, but receives event logs from across the organization. An identity management platform is a provider and producer of activity logs for a SIEM tool. It also supports alerts from SIEM tools to take action on risks. Event Correlation & Identity Management
Behavioral Correlation
Behavioral correlation is a relatively new term in IT security because the industry has struggled so much with identity and event correlation. Behavioral Correlation – What is it?
Identity Correlation = deals with a current state of accounts Event Correlation = examines events occurring within a window of time Behavioral Correlation = looks at a current event and compares it to historical action patterns Behavioral Correlation – What is it?
Jane typically logs into a US based device every weekday between 9am and 6pm. But if she travels to Munich and attempts to login, behavioral correlation determines that this login does not match her usual patterns. That action could push a pre-set policy for this situation into effect, requiring Jane to provide additional information, such as a one- time password sent to her phone. Behavioral Correlation – How it Works
Because it’s such a new concept, most identity management platforms do not have the infrastructure to handle behavioral correlation. But it should live in identity management, so the most innovative vendors are closing examining it. Behavioral Correlation & Identity Management
So…do you need correlation?...
In short, maybe… It all depends on what you’re trying to do. But your identity management vendor should be able to help you determine which type of correlation you need.
As it relates to correlation, an identity management platform should include: • Identity Correlation as a component • Ability to work in conjunction with a SIEM tool • Future plans to offer Behavioral Correlation capabilities
To learn more about the different types of correlation, read our guidebook, Do You Need Correlation?

Recommended

Defending Against Internal Threats - Interop 2015
Defending Against Internal Threats - Interop 2015Defending Against Internal Threats - Interop 2015
Defending Against Internal Threats - Interop 2015identityautomation
 
Event Correlation Applications for Utilities
Event Correlation Applications for UtilitiesEvent Correlation Applications for Utilities
Event Correlation Applications for UtilitiesEnergySec
 
Appriss Automates Support of 650 End-Point Routers with CA Process Automation
Appriss Automates Support of 650 End-Point Routers with CA Process AutomationAppriss Automates Support of 650 End-Point Routers with CA Process Automation
Appriss Automates Support of 650 End-Point Routers with CA Process AutomationCA Technologies
 
Introduction to Numetric (1)
Introduction to Numetric (1)Introduction to Numetric (1)
Introduction to Numetric (1)Matt Polson
 
Pre-Con Ed: What's New in CA Service Management
Pre-Con Ed: What's New in CA Service ManagementPre-Con Ed: What's New in CA Service Management
Pre-Con Ed: What's New in CA Service ManagementCA Technologies
 
Ca automation suite screen shots 2
Ca automation suite screen shots 2Ca automation suite screen shots 2
Ca automation suite screen shots 2David Resnic
 
MUSES WP5 Final Conclusions
MUSES WP5 Final ConclusionsMUSES WP5 Final Conclusions
MUSES WP5 Final ConclusionsPaloma De Las Cuevas
 
Using data science to automate event correlation - June 2016 - Dan Turchin - ...
Using data science to automate event correlation - June 2016 - Dan Turchin - ...Using data science to automate event correlation - June 2016 - Dan Turchin - ...
Using data science to automate event correlation - June 2016 - Dan Turchin - ...PeopleReign, Inc.
 

Recommended

Defending Against Internal Threats - Interop 2015
Defending Against Internal Threats - Interop 2015Defending Against Internal Threats - Interop 2015
Defending Against Internal Threats - Interop 2015identityautomation
 
Event Correlation Applications for Utilities
Event Correlation Applications for UtilitiesEvent Correlation Applications for Utilities
Event Correlation Applications for UtilitiesEnergySec
 
Appriss Automates Support of 650 End-Point Routers with CA Process Automation
Appriss Automates Support of 650 End-Point Routers with CA Process AutomationAppriss Automates Support of 650 End-Point Routers with CA Process Automation
Appriss Automates Support of 650 End-Point Routers with CA Process AutomationCA Technologies
 
Introduction to Numetric (1)
Introduction to Numetric (1)Introduction to Numetric (1)
Introduction to Numetric (1)Matt Polson
 
Pre-Con Ed: What's New in CA Service Management
Pre-Con Ed: What's New in CA Service ManagementPre-Con Ed: What's New in CA Service Management
Pre-Con Ed: What's New in CA Service ManagementCA Technologies
 
Ca automation suite screen shots 2
Ca automation suite screen shots 2Ca automation suite screen shots 2
Ca automation suite screen shots 2David Resnic
 
MUSES WP5 Final Conclusions
MUSES WP5 Final ConclusionsMUSES WP5 Final Conclusions
MUSES WP5 Final ConclusionsPaloma De Las Cuevas
 
Using data science to automate event correlation - June 2016 - Dan Turchin - ...
Using data science to automate event correlation - June 2016 - Dan Turchin - ...Using data science to automate event correlation - June 2016 - Dan Turchin - ...
Using data science to automate event correlation - June 2016 - Dan Turchin - ...PeopleReign, Inc.
 
Case Study: Taking IT Asset Management to the Next Level With Process Automation
Case Study: Taking IT Asset Management to the Next Level With Process AutomationCase Study: Taking IT Asset Management to the Next Level With Process Automation
Case Study: Taking IT Asset Management to the Next Level With Process AutomationCA Technologies
 
HfS Webinar Slides: Smart Process Automation in Enterprise Business
HfS Webinar Slides: Smart Process Automation in Enterprise BusinessHfS Webinar Slides: Smart Process Automation in Enterprise Business
HfS Webinar Slides: Smart Process Automation in Enterprise BusinessHfS Research
 
Business process automation: The past, present and future
Business process automation: The past, present and futureBusiness process automation: The past, present and future
Business process automation: The past, present and futureQorus Software
 
Robotic Process Automation for Financial Services
Robotic Process Automation for Financial ServicesRobotic Process Automation for Financial Services
Robotic Process Automation for Financial ServicesAppian
 
APIs and Process automation at APIDays Global 2016
APIs and Process automation at APIDays Global 2016APIs and Process automation at APIDays Global 2016
APIs and Process automation at APIDays Global 2016Giuliano Iacobelli
 
Chatbots + rpa (robotic process automation)
Chatbots + rpa (robotic process automation)Chatbots + rpa (robotic process automation)
Chatbots + rpa (robotic process automation)Carlos Toxtli
 
Everest Group FIT matrix for Robotic Process Automation (rpa) technology
Everest Group FIT matrix for Robotic Process Automation (rpa) technologyEverest Group FIT matrix for Robotic Process Automation (rpa) technology
Everest Group FIT matrix for Robotic Process Automation (rpa) technologyUiPath
 
Reducing MTTR and False Escalations: Event Correlation at LinkedIn
Reducing MTTR and False Escalations: Event Correlation at LinkedInReducing MTTR and False Escalations: Event Correlation at LinkedIn
Reducing MTTR and False Escalations: Event Correlation at LinkedInMichael Kehoe
 
The 2015 Millennial Majority Workforce: Study Results
The 2015 Millennial Majority Workforce: Study ResultsThe 2015 Millennial Majority Workforce: Study Results
The 2015 Millennial Majority Workforce: Study ResultsElance-oDesk
 
Banking in India
Banking in IndiaBanking in India
Banking in IndiaPrasant Patro
 
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...Orlando F. Delgado
 
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...Dana Gardner
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementMighty Guides, Inc.
 
The future of Identity Access Management | Sysfore
The future of Identity Access Management | SysforeThe future of Identity Access Management | Sysfore
The future of Identity Access Management | SysforeSysfore Technologies
 
Cybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveCybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveBrown Smith Wallace
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityRahul Tyagi
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting InformationLaura Martin
 
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceBigML, Inc
 
Intelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementIntelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementEMC
 
Risk assessment
Risk assessmentRisk assessment
Risk assessmentkajal kumari
 
How to measure your cybersecurity performance
How to measure your cybersecurity performanceHow to measure your cybersecurity performance
How to measure your cybersecurity performanceAbhishek Sood
 
CISO Interview Question.pdf
CISO Interview Question.pdfCISO Interview Question.pdf
CISO Interview Question.pdfinfosec train
 

More Related Content

Viewers also liked

Case Study: Taking IT Asset Management to the Next Level With Process Automation
Case Study: Taking IT Asset Management to the Next Level With Process AutomationCase Study: Taking IT Asset Management to the Next Level With Process Automation
Case Study: Taking IT Asset Management to the Next Level With Process AutomationCA Technologies
 
HfS Webinar Slides: Smart Process Automation in Enterprise Business
HfS Webinar Slides: Smart Process Automation in Enterprise BusinessHfS Webinar Slides: Smart Process Automation in Enterprise Business
HfS Webinar Slides: Smart Process Automation in Enterprise BusinessHfS Research
 
Business process automation: The past, present and future
Business process automation: The past, present and futureBusiness process automation: The past, present and future
Business process automation: The past, present and futureQorus Software
 
Robotic Process Automation for Financial Services
Robotic Process Automation for Financial ServicesRobotic Process Automation for Financial Services
Robotic Process Automation for Financial ServicesAppian
 
APIs and Process automation at APIDays Global 2016
APIs and Process automation at APIDays Global 2016APIs and Process automation at APIDays Global 2016
APIs and Process automation at APIDays Global 2016Giuliano Iacobelli
 
Chatbots + rpa (robotic process automation)
Chatbots + rpa (robotic process automation)Chatbots + rpa (robotic process automation)
Chatbots + rpa (robotic process automation)Carlos Toxtli
 
Everest Group FIT matrix for Robotic Process Automation (rpa) technology
Everest Group FIT matrix for Robotic Process Automation (rpa) technologyEverest Group FIT matrix for Robotic Process Automation (rpa) technology
Everest Group FIT matrix for Robotic Process Automation (rpa) technologyUiPath
 
Reducing MTTR and False Escalations: Event Correlation at LinkedIn
Reducing MTTR and False Escalations: Event Correlation at LinkedInReducing MTTR and False Escalations: Event Correlation at LinkedIn
Reducing MTTR and False Escalations: Event Correlation at LinkedInMichael Kehoe
 
The 2015 Millennial Majority Workforce: Study Results
The 2015 Millennial Majority Workforce: Study ResultsThe 2015 Millennial Majority Workforce: Study Results
The 2015 Millennial Majority Workforce: Study ResultsElance-oDesk
 

Viewers also liked (10)

Case Study: Taking IT Asset Management to the Next Level With Process Automation
Case Study: Taking IT Asset Management to the Next Level With Process AutomationCase Study: Taking IT Asset Management to the Next Level With Process Automation
Case Study: Taking IT Asset Management to the Next Level With Process Automation
 
HfS Webinar Slides: Smart Process Automation in Enterprise Business
HfS Webinar Slides: Smart Process Automation in Enterprise BusinessHfS Webinar Slides: Smart Process Automation in Enterprise Business
HfS Webinar Slides: Smart Process Automation in Enterprise Business
 
Business process automation: The past, present and future
Business process automation: The past, present and futureBusiness process automation: The past, present and future
Business process automation: The past, present and future
 
Robotic Process Automation for Financial Services
Robotic Process Automation for Financial ServicesRobotic Process Automation for Financial Services
Robotic Process Automation for Financial Services
 
APIs and Process automation at APIDays Global 2016
APIs and Process automation at APIDays Global 2016APIs and Process automation at APIDays Global 2016
APIs and Process automation at APIDays Global 2016
 
Chatbots + rpa (robotic process automation)
Chatbots + rpa (robotic process automation)Chatbots + rpa (robotic process automation)
Chatbots + rpa (robotic process automation)
 
Everest Group FIT matrix for Robotic Process Automation (rpa) technology
Everest Group FIT matrix for Robotic Process Automation (rpa) technologyEverest Group FIT matrix for Robotic Process Automation (rpa) technology
Everest Group FIT matrix for Robotic Process Automation (rpa) technology
 
Reducing MTTR and False Escalations: Event Correlation at LinkedIn
Reducing MTTR and False Escalations: Event Correlation at LinkedInReducing MTTR and False Escalations: Event Correlation at LinkedIn
Reducing MTTR and False Escalations: Event Correlation at LinkedIn
 
The 2015 Millennial Majority Workforce: Study Results
The 2015 Millennial Majority Workforce: Study ResultsThe 2015 Millennial Majority Workforce: Study Results
The 2015 Millennial Majority Workforce: Study Results
 
Banking in India
Banking in IndiaBanking in India
Banking in India
 

Similar to Correlation: Why It's Important to Your Security Infrastructure

digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...Orlando F. Delgado
 
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...Dana Gardner
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementMighty Guides, Inc.
 
The future of Identity Access Management | Sysfore
The future of Identity Access Management | SysforeThe future of Identity Access Management | Sysfore
The future of Identity Access Management | SysforeSysfore Technologies
 
Cybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveCybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveBrown Smith Wallace
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityRahul Tyagi
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting InformationLaura Martin
 
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceBigML, Inc
 
Intelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementIntelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementEMC
 
How to measure your cybersecurity performance
How to measure your cybersecurity performanceHow to measure your cybersecurity performance
How to measure your cybersecurity performanceAbhishek Sood
 
CISO Interview Question.pdf
CISO Interview Question.pdfCISO Interview Question.pdf
CISO Interview Question.pdfinfosec train
 
Discussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your poDiscussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your powiddowsonerica
 
Linked in misti_rs_1.0
Linked in misti_rs_1.0Linked in misti_rs_1.0
Linked in misti_rs_1.0Vincent Toms
 
Identity and Access Intelligence
Identity and Access IntelligenceIdentity and Access Intelligence
Identity and Access IntelligenceTim Bell
 
How AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdfHow AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdfonline Marketing
 
How AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdfHow AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdfonline Marketing
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies
 

Similar to Correlation: Why It's Important to Your Security Infrastructure (20)

digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
digital-transformation-and-ai-driven-security-strategies-for-enterprise-level...
 
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
Five Ways to Make Identity Management Work Best Across Hybrid Computing Envir...
 
Risksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability ManagementRisksense: 7 Experts on Threat and Vulnerability Management
Risksense: 7 Experts on Threat and Vulnerability Management
 
The future of Identity Access Management | Sysfore
The future of Identity Access Management | SysforeThe future of Identity Access Management | Sysfore
The future of Identity Access Management | Sysfore
 
Cybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveCybersecurity: How to be Proactive
Cybersecurity: How to be Proactive
 
Cyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe SecurityCyber Risk Quantification | Safe Security
Cyber Risk Quantification | Safe Security
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting Information
 
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
 
Intelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementIntelligence Driven Identity and Access Management
Intelligence Driven Identity and Access Management
 
Risk assessment
Risk assessmentRisk assessment
Risk assessment
 
How to measure your cybersecurity performance
How to measure your cybersecurity performanceHow to measure your cybersecurity performance
How to measure your cybersecurity performance
 
CISO Interview Question.pdf
CISO Interview Question.pdfCISO Interview Question.pdf
CISO Interview Question.pdf
 
Discussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your poDiscussion Forum.300 wordsInclude at least. words in your po
Discussion Forum.300 wordsInclude at least. words in your po
 
Robust Software Solutions.pptx
Robust Software Solutions.pptxRobust Software Solutions.pptx
Robust Software Solutions.pptx
 
Linked in misti_rs_1.0
Linked in misti_rs_1.0Linked in misti_rs_1.0
Linked in misti_rs_1.0
 
So you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to SuccessSo you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to Success
 
Identity and Access Intelligence
Identity and Access IntelligenceIdentity and Access Intelligence
Identity and Access Intelligence
 
How AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdfHow AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdf
 
How AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdfHow AI is influencing cyber security for business - CyberHive.pdf
How AI is influencing cyber security for business - CyberHive.pdf
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Correlation: Why It's Important to Your Security Infrastructure

  • 1. Do You Need Correlation? Breaking Down Correlation and What it Means to Identity Management
  • 2. “Do you need correlation?”
  • 3. It’s a question we keep discussing with prospects and customers… And it’s clear there’s a lack of understanding around correlation and its place in an identity management platform.
  • 4. What is correlation? When is it needed? How does it support an identity management platform and security infrastructure?
  • 5. There are three kinds of correlation: • Identity Correlation • Event Correlation • Behavioral Correlation
  • 6. Let’s take a closer look at all three…
  • 8. Identity Correlation – What is it? Identity Correlation reconciles and validates proper ownership of user account IDs throughout an organization & links ownership of those user account IDs to individuals using a unique identifier. In other words, Identity Correlation provides context to user account IDs.
  • 9. This is Jane Smith. She works as a Marketing Manager for XYZ Corp. To XYZ Corp’s security technology systems, Jane exists as JSmith. Identity Correlation – How it Works
  • 10. Identity Correlation links JSmith to the access Jane needs to do her job. As a marketing manager, Jane needs access to Google Apps, Salesforce.com and Hubspot. She does not need access to JIRA, used by the engineering team. Identity Correlation – How it Works JSmith
  • 11. Identity Correlation can show data discrepancies, like if Jane suddenly had access to JIRA. If that happened, Identity Correlation would show XYZ Corp’s IT staff that they need to remove that access for her. Identity Correlation – How it Works
  • 12. Identity management platforms should provide identity correlation as a core function of the product. Identity Correlation & Identity Management
  • 14. Event correlation looks at events happening in a window of time. It is the process of examining events, interactions of events, and then determining which events and interactions are important. Event Correlation – What is it?
  • 15. Event correlation is handled by a Security Information and Event Management (SIEM) tool. When properly configured, a SIEM tool will determine event correlations and raise alerts when needed. Event Correlation – What is it?
  • 16. Event Correlation – How it Works Jane logs into her computer in Barcelona… …but then swipes her employee badge in Jakarta… That shouldn’t be possible! A SIEM tool would alert her IT staff so proper containment steps could be taken.
  • 17. A SIEM tool directly handles event correlation, but receives event logs from across the organization. An identity management platform is a provider and producer of activity logs for a SIEM tool. It also supports alerts from SIEM tools to take action on risks. Event Correlation & Identity Management
  • 19. Behavioral correlation is a relatively new term in IT security because the industry has struggled so much with identity and event correlation. Behavioral Correlation – What is it?
  • 20. Identity Correlation = deals with a current state of accounts Event Correlation = examines events occurring within a window of time Behavioral Correlation = looks at a current event and compares it to historical action patterns Behavioral Correlation – What is it?
  • 21. Jane typically logs into a US based device every weekday between 9am and 6pm. But if she travels to Munich and attempts to login, behavioral correlation determines that this login does not match her usual patterns. That action could push a pre-set policy for this situation into effect, requiring Jane to provide additional information, such as a one- time password sent to her phone. Behavioral Correlation – How it Works
  • 22. Because it’s such a new concept, most identity management platforms do not have the infrastructure to handle behavioral correlation. But it should live in identity management, so the most innovative vendors are closing examining it. Behavioral Correlation & Identity Management
  • 23. So…do you need correlation?...
  • 24. In short, maybe… It all depends on what you’re trying to do. But your identity management vendor should be able to help you determine which type of correlation you need.
  • 25. As it relates to correlation, an identity management platform should include: • Identity Correlation as a component • Ability to work in conjunction with a SIEM tool • Future plans to offer Behavioral Correlation capabilities
  • 26. To learn more about the different types of correlation, read our guidebook, Do You Need Correlation?