
How to Detect System Compromise & Data Exfiltration

Have you ever wondered how the bad guys actually get control of a system? And, how they convert that system into a data-syphoning droid? Then you won't want to miss our next live demo, where AlienVault security guru Tom D'Aquino will walk you through the steps of a system compromise, including how AlienVault USM detects these nefarious activities every step of the way.

You'll learn:

  • How attackers exploit vulnerabilities to take control of systems
  • What they do next to find & exfiltrate valuable data
  • How to catch them before the damage is done with AlienVault USM

Using a real-world example of a common vulnerability, Tom will show you how USM gives you the evidence you need to stop an attack in its tracks.


  1. Live Demo: How to Detect System Compromise and Data Exfiltration
  2. About AlienVault (@AlienVault)
     AlienVault has unified the security products, intelligence and community essential for mid-sized businesses to defend against today’s modern threats
  3. Threat landscape: Our new reality
     • More and more organizations are finding themselves in the crosshairs of various bad actors for a variety of reasons.
     • The number of organizations experiencing high profile breaches is unprecedented.
     • The “security arms race” cannot continue indefinitely as the economics of securing your organization is stacked so heavily in favor of those launching attacks that incremental security investments are seen as impractical.
     84% of organizations breached had evidence of the breach in their log files…
  4. Prevention is elusive
     “There are two types of companies that use computers. Victims of crime that know they are victims of crime and victims of crime that don’t have a clue yet.” - James Routh, 2007 CISO Depository Trust Clearing Corporation
  5. “How would you change your strategy if you knew for certain that you were going to be compromised?” - Martin Roesch, 2013 Founder & CTO Sourcefire, Author SNORT
  6. Get (Very) good at detection & response
     • Prevent
     • Detect & Respond
     • The basics are in place for most companies…but this alone is a ‘proven’ failed strategy.
     • New capabilities to develop
  7. So many security technologies to choose from
     Given the 10 most recommended technologies and the pricing range, an organization could expect to spend anywhere from $225,000 to $1.46m in its first year, including technology and staff. Source: The Real Cost of Security, 451 Research, April 2013
     Factor into this:
     • Initial Licensing Costs
     • Implementation / Optimization Costs
     • Ongoing Management Costs
     • Renewal Costs
     • Integration of all the security technologies
     • Training of personnel/incoming personnel
  8. Many point solutions…integration anyone?
     “Security Intelligence through Integration that we do, NOT you”
     USM Platform
     • Bundled Products - 30 Open-Source Security tools to plug the gaps in your existing controls
     • USM Framework - Configure, Manage, & Run Security Tools. Visualize output and run reports
     • USM Extension API - Support for inclusion of any other data source into the USM Framework
     • Open Threat Exchange – Provides threat intelligence for collaborative defense
  9. USM Product Capabilities
     USM powered by AV Labs Threat Intelligence
     • ASSET DISCOVERY
         • Active Network Scanning
         • Passive Network Scanning
         • Asset Inventory
         • Host-based Software Inventory
     • VULNERABILITY ASSESSMENT
         • Continuous Vulnerability Monitoring
         • Authenticated / Unauthenticated Active Scanning
     • SECURITY INTELLIGENCE
         • SIEM Event Correlation
         • Incident Response
     • BEHAVIORAL MONITORING
         • Log Collection
         • Netflow Analysis
         • Service Availability Monitoring
     • THREAT DETECTION
         • Network IDS
         • Host IDS
         • Wireless IDS
         • File Integrity Monitoring
  10. Unified Security Management
     Complete. Simple. Affordable.
     AlienVault USM provides the five essential security capabilities in one, pre-integrated platform
     • Unified Security Management (USM) Platform
     • AlienVault Labs Threat Intelligence
     • AlienVault Open Threat Exchange
     Delivery Options: Hardware, Virtual, or Cloud-based appliances
     Open-Source version (OSSIM) also available
  11. AlienVault Labs Threat Intelligence: Coordinated Analysis, actionable Guidance
     • Updates every 30 minutes
     • 200-350,000 IP validated daily
     • 8,000 Collection points
     • 140 Countries
  12. AlienVault Labs threat intelligence
     • Weekly updates that cover all your coordinated rule sets:
         • Network-based IDS signatures
         • Host-based IDS signatures
         • Asset discovery and inventory database updates
         • Vulnerability database updates
         • Event correlation rules
         • Report modules and templates
         • Incident response templates / “how to” guidance for each alarm
         • Plug-ins to accommodate new data sources
     • Fueled by the collective power of the AlienVault’s Open Threat Exchange (OTX)
  13. NOW FOR SOME Q&A…
     Three Ways to Test Drive AlienVault
     • Download a Free 30-Day Trial: http://www.alienvault.com/free-trial
     • Try our Interactive Demo Site: http://www.alienvault.com/live-demo-site
     • Join us for a live Demo: http://www.alienvault.com/marketing/alienvault-usm-live-demo
     Questions? hello@alienvault.com
