SlideShare a Scribd company logo

최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개

Download as PPTX, PDF
A
ArumIm

IBM Security

Technology
1 of 24
© 2015 IBM Corporation IBM Security Systems 1© 2015 IBM Corporation 최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 IBM 전략 소개 박형근 실장 IBM AP Security Tiger
© 2015 IBM Corporation IBM Security Systems 2 FINTECH
© 2015 IBM Corporation IBM Security Systems 3
© 2015 IBM Corporation IBM Security Systems 4 인터넷 은행
© 2015 IBM Corporation IBM Security Systems 5 신용카드 로열티 프로그램 기프트 카드 ID카드 영수증 디지털 화폐/ RDC(Remote Deposit Capture) 스마트 티켓 Wallet 모바일 지갑
© 2015 IBM Corporation IBM Security Systems 6 쇼핑 카텔로그/ 리스트 상점에서 바코드 스캔 자가 결제디지털 영수증 스마트 유통
© 2015 IBM Corporation IBM Security Systems 7
© 2015 IBM Corporation IBM Security Systems 8
© 2015 IBM Corporation IBM Security Systems 9 그런데, 보안은?
© 2015 IBM Corporation IBM Security Systems 10 ProcessorsPayment Gateway API WalletPCI Vault Merchant Ledger Adv. Routing Basic Fraud Adv. Fraud Cross-channel Commerce Engine Checkout Data Feeds Reconciliation Shadow A/R Settlement Operations Web Tool Logistics Treasury A/R Financial Back-Office Order Management Payment Gateway
© 2015 IBM Corporation IBM Security Systems 11 온라인 금융 서비스 사용자 기기 (PC/모바일) 악성코드 피싱/파밍 감염 및 보안 이벤트 데이터 세션 정보 기기 정보, 세션정보 전자금융 서버 (웹 /모바일) 고객 지원 고객 대응보안/관제 분석 범죄 로직 확인 위험도 산출 사이버 범죄 인텔리전스 IBM 보안센터 IBM 사이버 금융범죄 대응 서비스
© 2015 IBM Corporation IBM Security Systems 12 ProcessorsPayment Gateway API WalletPCI Vault Merchant Ledger Adv. Routing Basic Fraud Adv. Fraud Cross-channel Commerce Engine Checkout Data Feeds Reconciliation Shadow A/R Settlement Operations Web Tool Logistics Treasury A/R Financial Back-Office Order Management Payment Gateway
© 2015 IBM Corporation IBM Security Systems 13 사용자 인증 (서비스마다 차별적인)
© 2015 IBM Corporation IBM Security Systems 14 MAC CPU IMEI Battery ID Chip ID  언제, 어디서나, 무엇으로든 인터넷을 통해 접근 가능  동시 로그인 및 계정 탈취 방지 필요.  멀티 디바이스, 멀티 브라우저 지원 요구  ID/Password에 부가하여 새로운 방식의 인증 강화(Transparent 3-Factor)  서버에서 디바이스를 구분하는 방식의 문제점  기기 자체의 정보(H/W, OS, 브라우저 등)를 신뢰하면 위험  IBM Solution: ”Persistent Device ID”  소프트웨어+하드웨어 결합방식  앱이나 OS*가 재설치시에도 ID 유지  범죄자의 Device 사용시 구분 사용자 디바이스 인증
© 2015 IBM Corporation IBM Security Systems 15 사용자의 편의성 고려한 차별화 서비스 필요
© 2015 IBM Corporation IBM Security Systems 16 사용자 디바이스 보안 – PC 피싱 차단 악성코드 방어 피싱사이트 블랙리스트 신용카드 정보 악성코드 방어 로그인정보 보호 피싱 대응 치료 피싱사이트 다운서비스 악성코드 제거 로그인 정보 재설정 보고 브라우저 위변조 피싱 사이트차단 고객 리포트 악성 행위 차단브라우저 보호 웹인젝션 키로깅 스크린 캡처 파밍, DNS 변조 x 사용자 기기 악성코드 피싱 오버레이 공격차단
© 2015 IBM Corporation IBM Security Systems 17
© 2015 IBM Corporation IBM Security Systems 18 사용자 디바이스 보안 - 모바일 사용자 기기 악성코드 피싱
© 2015 IBM Corporation IBM Security Systems 19 ProcessorsPayment Gateway API WalletPCI Vault Merchant Ledger Adv. Routing Basic Fraud Adv. Fraud Cross-channel Commerce Engine Checkout Data Feeds Reconciliation Shadow A/R Settlement Operations Web Tool Logistics Treasury A/R Financial Back-Office Order Management 인터페이스 보안
© 2015 IBM Corporation IBM Security Systems 20 통제 디바이스/ 사물(Thing) 서비스 인터페이스 서비스 플랫폼 IBM Fraud & Secure Gateway IBM Cyber Crime Intelligence ID/PW Mobile OTP 보안 서비스 ID 탈취 탐 지 •Device ID, User ID에 대한 도난 여 부 탐지, 인증정보 통한 플랫폼 공 격 방어 악성코드 탐지 •웹 브라우징 상의 악성코드 감염 여부 탐지와 제거 웹/XML 공격 방어 •웹 혹은 XML 취약점 기반 공격 방 어 암호화 통 신 •암호화 통신(TLS/HTTPS) 및 가속화 인증/접근 제어 •사용자 혹은 디바이스 인증 및 서 비스 접근 제어 (인증 혹은 IP 기반 등) 인터페 이스 보안 인터페이스 보안
© 2015 IBM Corporation IBM Security Systems 21 IBM 보안 프레임워크
© 2015 IBM Corporation IBM Security Systems 22 IBM 보안 솔루션 포트폴리오
© 2015 IBM Corporation IBM Security Systems 23 IBM 보안 서비스 포트폴리오 IBM Security Services Portfolio People Data Applications Infrastructure Identity Assessment & Strategy Crown Jewels Discovery & Protection SDLC Program Development Security Optimization User Provisioning/Access Mgmt Database Security Dynamic and Static Testing Design, Deployment & Migration Total Authentication Solution Encryption and Data Loss Prevention Embedded Device Testing Staff Augmentation Managed/Cloud Identity Mobile Application Testing Strategy, Risk & Compliance Security Maturity Benchmarking Security Strategy & Roadmap Development Security Risk Assessment & Program Design Industrial Controls (NIST, SCADA) PCI Advisory Firewall / Unified Threat Management Intrusion Detection & Prevention Web Protection & Managed DDoS Hosted E-Mail & Web Vulnerability Mgmt Managed SIEM & Log Management Security Operations Security Intelligence Operations Center Design & Build Out Services Cloud and Managed Services Cybersecurity Assessment & Response Threat Intelligence Advisory X-Force Threat Analysis Penetration Testing Incident Preparation Emergency Response
© 2014 IBM Corporation IBM Security Systems 24 www.ibm.com/security © Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

Recommended

IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...AGILLY
 
MaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementMaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementDarryl Miles
 
Security Trends in the Retail Industry
Security Trends in the Retail IndustrySecurity Trends in the Retail Industry
Security Trends in the Retail IndustryIBM Security
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM Sverige
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...AGILLY
 
Mobility 201 : Productivity
Mobility 201 : ProductivityMobility 201 : Productivity
Mobility 201 : ProductivityAGILLY
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?IBM Security
 
Cutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control CostsCutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control CostsIBM Security
 

Recommended

IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...
IBM MobileFirst Protect (MaaS360) : Rendre la Messagerie Mobile Gérable et Sé...AGILLY
 
MaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementMaaS360 - Mobile Expense Management
MaaS360 - Mobile Expense ManagementDarryl Miles
 
Security Trends in the Retail Industry
Security Trends in the Retail IndustrySecurity Trends in the Retail Industry
Security Trends in the Retail IndustryIBM Security
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM Sverige
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...AGILLY
 
Mobility 201 : Productivity
Mobility 201 : ProductivityMobility 201 : Productivity
Mobility 201 : ProductivityAGILLY
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?IBM Security
 
Cutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control CostsCutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control CostsIBM Security
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Iraje brochure v17 master
Iraje brochure v17 masterIraje brochure v17 master
Iraje brochure v17 masterMechsoft Technologies LLC
 
Ibm q radar_blind_references
Ibm q radar_blind_referencesIbm q radar_blind_references
Ibm q radar_blind_referencesMaarten Werff
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will failIBM Security
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Thailand Co Ltd
 
Emergency Response How to Identify and Resolve Security Risks
Emergency Response How to Identify and Resolve Security RisksEmergency Response How to Identify and Resolve Security Risks
Emergency Response How to Identify and Resolve Security RisksIBM Security
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideFrancisco González Jiménez
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarIBM Security
 
IBM Security Identity and Access Management - Portfolio
IBM Security Identity and Access Management - PortfolioIBM Security Identity and Access Management - Portfolio
IBM Security Identity and Access Management - PortfolioIBM Sverige
 
Aensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity SolutionsAensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity SolutionsJose Luis Garcia Rodriguez
 
InfoSec World 2014 Security Imperatives for IOS and Android
InfoSec World 2014 Security Imperatives for IOS and AndroidInfoSec World 2014 Security Imperatives for IOS and Android
InfoSec World 2014 Security Imperatives for IOS and AndroidSymosis Security (Previously C-Level Security)
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 
Understanding and complying with RBI’s Cyber security guidelines for Email sy...
Understanding and complying with RBI’s Cyber security guidelines for Email sy...Understanding and complying with RBI’s Cyber security guidelines for Email sy...
Understanding and complying with RBI’s Cyber security guidelines for Email sy...Vaultastic
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watsonPrime Infoserv
 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...IBM Security
 
Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iPrecisely
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentationdanhsmith
 
Tuebora Self Driven IAM
Tuebora Self Driven IAMTuebora Self Driven IAM
Tuebora Self Driven IAMIranna Hurakadli
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - PowerpointThierry Matusiak
 
IBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSIBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSCamilo Fandiño Gómez
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksIBM Security
 

More Related Content

What's hot

Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Ibm q radar_blind_references
Ibm q radar_blind_referencesIbm q radar_blind_references
Ibm q radar_blind_referencesMaarten Werff
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will failIBM Security
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
 
Emergency Response How to Identify and Resolve Security Risks
Emergency Response How to Identify and Resolve Security RisksEmergency Response How to Identify and Resolve Security Risks
Emergency Response How to Identify and Resolve Security RisksIBM Security
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarIBM Security
 
IBM Security Identity and Access Management - Portfolio
IBM Security Identity and Access Management - PortfolioIBM Security Identity and Access Management - Portfolio
IBM Security Identity and Access Management - PortfolioIBM Sverige
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 
Understanding and complying with RBI’s Cyber security guidelines for Email sy...
Understanding and complying with RBI’s Cyber security guidelines for Email sy...Understanding and complying with RBI’s Cyber security guidelines for Email sy...
Understanding and complying with RBI’s Cyber security guidelines for Email sy...Vaultastic
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watsonPrime Infoserv
 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...IBM Security
 
Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iPrecisely
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentationdanhsmith
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - PowerpointThierry Matusiak
 

What's hot (20)

Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies ahead
 
Iraje brochure v17 master
Iraje brochure v17 masterIraje brochure v17 master
Iraje brochure v17 master
 
Ibm q radar_blind_references
Ibm q radar_blind_referencesIbm q radar_blind_references
Ibm q radar_blind_references
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will fail
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
Emergency Response How to Identify and Resolve Security Risks
Emergency Response How to Identify and Resolve Security RisksEmergency Response How to Identify and Resolve Security Risks
Emergency Response How to Identify and Resolve Security Risks
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References Guide
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
 
IBM Security Identity and Access Management - Portfolio
IBM Security Identity and Access Management - PortfolioIBM Security Identity and Access Management - Portfolio
IBM Security Identity and Access Management - Portfolio
 
Aensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity SolutionsAensis Advanced Cybersecurity Solutions
Aensis Advanced Cybersecurity Solutions
 
InfoSec World 2014 Security Imperatives for IOS and Android
InfoSec World 2014 Security Imperatives for IOS and AndroidInfoSec World 2014 Security Imperatives for IOS and Android
InfoSec World 2014 Security Imperatives for IOS and Android
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and Technology
 
Understanding and complying with RBI’s Cyber security guidelines for Email sy...
Understanding and complying with RBI’s Cyber security guidelines for Email sy...Understanding and complying with RBI’s Cyber security guidelines for Email sy...
Understanding and complying with RBI’s Cyber security guidelines for Email sy...
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watson
 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
 
Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM i
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentation
 
Tuebora Self Driven IAM
Tuebora Self Driven IAMTuebora Self Driven IAM
Tuebora Self Driven IAM
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint
 

Similar to 최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개

Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksIBM Security
 
Security in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everSecurity in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everEC-Council
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
Mobility 101 : Provision
Mobility 101 : ProvisionMobility 101 : Provision
Mobility 101 : ProvisionAGILLY
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats IBM Security
 
Mobility 301 : Protect
Mobility 301 : ProtectMobility 301 : Protect
Mobility 301 : ProtectAGILLY
 
Are We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseAre We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseIBM Security
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseIBM Security
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIBM Security
 
Follow the Money, Follow the Crime
Follow the Money, Follow the CrimeFollow the Money, Follow the Crime
Follow the Money, Follow the CrimeIBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentIBM Security
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud accessAGILLY
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM Security
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...IBM Security
 
Bordless Breaches and Migrating Malware
Bordless Breaches and Migrating MalwareBordless Breaches and Migrating Malware
Bordless Breaches and Migrating MalwareSarah Freemantle
 
8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMMAGILLY
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
Security Principles for CEOs
Security Principles for CEOsSecurity Principles for CEOs
Security Principles for CEOsMorten Bjørklund
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart ThemIBM Security
 

Similar to 최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개 (20)

IBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSIBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaS
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
 
Security in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everSecurity in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than ever
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
Mobility 101 : Provision
Mobility 101 : ProvisionMobility 101 : Provision
Mobility 101 : Provision
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
Mobility 301 : Protect
Mobility 301 : ProtectMobility 301 : Protect
Mobility 301 : Protect
 
Are We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile EnterpriseAre We There Yet? The Path Towards Securing the Mobile Enterprise
Are We There Yet? The Path Towards Securing the Mobile Enterprise
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the Mouse
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For Compliance
 
Follow the Money, Follow the Crime
Follow the Money, Follow the CrimeFollow the Money, Follow the Crime
Follow the Money, Follow the Crime
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud access
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
 
Bordless Breaches and Migrating Malware
Bordless Breaches and Migrating MalwareBordless Breaches and Migrating Malware
Bordless Breaches and Migrating Malware
 
8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
Security Principles for CEOs
Security Principles for CEOsSecurity Principles for CEOs
Security Principles for CEOs
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
 

Recently uploaded

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Recently uploaded (20)

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 

최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개

  • 1. © 2015 IBM Corporation IBM Security Systems 1© 2015 IBM Corporation 최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 IBM 전략 소개 박형근 실장 IBM AP Security Tiger
  • 2. © 2015 IBM Corporation IBM Security Systems 2 FINTECH
  • 3. © 2015 IBM Corporation IBM Security Systems 3
  • 4. © 2015 IBM Corporation IBM Security Systems 4 인터넷 은행
  • 5. © 2015 IBM Corporation IBM Security Systems 5 신용카드 로열티 프로그램 기프트 카드 ID카드 영수증 디지털 화폐/ RDC(Remote Deposit Capture) 스마트 티켓 Wallet 모바일 지갑
  • 6. © 2015 IBM Corporation IBM Security Systems 6 쇼핑 카텔로그/ 리스트 상점에서 바코드 스캔 자가 결제디지털 영수증 스마트 유통
  • 7. © 2015 IBM Corporation IBM Security Systems 7
  • 8. © 2015 IBM Corporation IBM Security Systems 8
  • 9. © 2015 IBM Corporation IBM Security Systems 9 그런데, 보안은?
  • 10. © 2015 IBM Corporation IBM Security Systems 10 ProcessorsPayment Gateway API WalletPCI Vault Merchant Ledger Adv. Routing Basic Fraud Adv. Fraud Cross-channel Commerce Engine Checkout Data Feeds Reconciliation Shadow A/R Settlement Operations Web Tool Logistics Treasury A/R Financial Back-Office Order Management Payment Gateway
  • 11. © 2015 IBM Corporation IBM Security Systems 11 온라인 금융 서비스 사용자 기기 (PC/모바일) 악성코드 피싱/파밍 감염 및 보안 이벤트 데이터 세션 정보 기기 정보, 세션정보 전자금융 서버 (웹 /모바일) 고객 지원 고객 대응보안/관제 분석 범죄 로직 확인 위험도 산출 사이버 범죄 인텔리전스 IBM 보안센터 IBM 사이버 금융범죄 대응 서비스
  • 12. © 2015 IBM Corporation IBM Security Systems 12 ProcessorsPayment Gateway API WalletPCI Vault Merchant Ledger Adv. Routing Basic Fraud Adv. Fraud Cross-channel Commerce Engine Checkout Data Feeds Reconciliation Shadow A/R Settlement Operations Web Tool Logistics Treasury A/R Financial Back-Office Order Management Payment Gateway
  • 13. © 2015 IBM Corporation IBM Security Systems 13 사용자 인증 (서비스마다 차별적인)
  • 14. © 2015 IBM Corporation IBM Security Systems 14 MAC CPU IMEI Battery ID Chip ID  언제, 어디서나, 무엇으로든 인터넷을 통해 접근 가능  동시 로그인 및 계정 탈취 방지 필요.  멀티 디바이스, 멀티 브라우저 지원 요구  ID/Password에 부가하여 새로운 방식의 인증 강화(Transparent 3-Factor)  서버에서 디바이스를 구분하는 방식의 문제점  기기 자체의 정보(H/W, OS, 브라우저 등)를 신뢰하면 위험  IBM Solution: ”Persistent Device ID”  소프트웨어+하드웨어 결합방식  앱이나 OS*가 재설치시에도 ID 유지  범죄자의 Device 사용시 구분 사용자 디바이스 인증
  • 15. © 2015 IBM Corporation IBM Security Systems 15 사용자의 편의성 고려한 차별화 서비스 필요
  • 16. © 2015 IBM Corporation IBM Security Systems 16 사용자 디바이스 보안 – PC 피싱 차단 악성코드 방어 피싱사이트 블랙리스트 신용카드 정보 악성코드 방어 로그인정보 보호 피싱 대응 치료 피싱사이트 다운서비스 악성코드 제거 로그인 정보 재설정 보고 브라우저 위변조 피싱 사이트차단 고객 리포트 악성 행위 차단브라우저 보호 웹인젝션 키로깅 스크린 캡처 파밍, DNS 변조 x 사용자 기기 악성코드 피싱 오버레이 공격차단
  • 17. © 2015 IBM Corporation IBM Security Systems 17
  • 18. © 2015 IBM Corporation IBM Security Systems 18 사용자 디바이스 보안 - 모바일 사용자 기기 악성코드 피싱
  • 19. © 2015 IBM Corporation IBM Security Systems 19 ProcessorsPayment Gateway API WalletPCI Vault Merchant Ledger Adv. Routing Basic Fraud Adv. Fraud Cross-channel Commerce Engine Checkout Data Feeds Reconciliation Shadow A/R Settlement Operations Web Tool Logistics Treasury A/R Financial Back-Office Order Management 인터페이스 보안
  • 20. © 2015 IBM Corporation IBM Security Systems 20 통제 디바이스/ 사물(Thing) 서비스 인터페이스 서비스 플랫폼 IBM Fraud & Secure Gateway IBM Cyber Crime Intelligence ID/PW Mobile OTP 보안 서비스 ID 탈취 탐 지 •Device ID, User ID에 대한 도난 여 부 탐지, 인증정보 통한 플랫폼 공 격 방어 악성코드 탐지 •웹 브라우징 상의 악성코드 감염 여부 탐지와 제거 웹/XML 공격 방어 •웹 혹은 XML 취약점 기반 공격 방 어 암호화 통 신 •암호화 통신(TLS/HTTPS) 및 가속화 인증/접근 제어 •사용자 혹은 디바이스 인증 및 서 비스 접근 제어 (인증 혹은 IP 기반 등) 인터페 이스 보안 인터페이스 보안
  • 21. © 2015 IBM Corporation IBM Security Systems 21 IBM 보안 프레임워크
  • 22. © 2015 IBM Corporation IBM Security Systems 22 IBM 보안 솔루션 포트폴리오
  • 23. © 2015 IBM Corporation IBM Security Systems 23 IBM 보안 서비스 포트폴리오 IBM Security Services Portfolio People Data Applications Infrastructure Identity Assessment & Strategy Crown Jewels Discovery & Protection SDLC Program Development Security Optimization User Provisioning/Access Mgmt Database Security Dynamic and Static Testing Design, Deployment & Migration Total Authentication Solution Encryption and Data Loss Prevention Embedded Device Testing Staff Augmentation Managed/Cloud Identity Mobile Application Testing Strategy, Risk & Compliance Security Maturity Benchmarking Security Strategy & Roadmap Development Security Risk Assessment & Program Design Industrial Controls (NIST, SCADA) PCI Advisory Firewall / Unified Threat Management Intrusion Detection & Prevention Web Protection & Managed DDoS Hosted E-Mail & Web Vulnerability Mgmt Managed SIEM & Log Management Security Operations Security Intelligence Operations Center Design & Build Out Services Cloud and Managed Services Cybersecurity Assessment & Response Threat Intelligence Advisory X-Force Threat Analysis Penetration Testing Incident Preparation Emergency Response
  • 24. © 2014 IBM Corporation IBM Security Systems 24 www.ibm.com/security © Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.