ECS: Delivering Better Cyber Intelligence and Compliance
•
0 likes•1,393 views
Learn the ECS approach to cyber intelligence, why they migrated from legacy government risk and compliance systems to Elastic, and what they learned about enterprise application development and deployment. See the video: https://www.elastic.co/elasticon/tour/2019/washington-dc/ecs-delivering-better-cyber-intelligence-and-compliance
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to ECS: Delivering Better Cyber Intelligence and Compliance
Similar to ECS: Delivering Better Cyber Intelligence and Compliance (20)
More from Elasticsearch
More from Elasticsearch (20)
Recently uploaded
Recently uploaded (20)
ECS: Delivering Better Cyber Intelligence and Compliance
- 1. Elastic(on) 2019 Presented by: § Joanna Dempsey, Director, Cyber Solutions § Mike Zakrzewski, Director, Cyber Technologies § James Byroads, Lead Developer Continuous Monitoring using Elastic Continuous Monitoring Objectives, Challenges & Solutions1 Demo – Continuous Monitoring with Elasticsearch & Kibana2 What’s Next?3
- 2. Fairfax, VA Headquarters $642M 2018 Revenue 2400+ Employees Nationally and Internationally Top Workplace by Washington Post Since 2014 ECS OVERVIEW ECS is a leading information technology provider delivering solutions in cloud, cybersecurity, software development, IT modernization, and science and engineering. The company's highly skilled teams approach and solve critical, complex challenges for customers across the U.S. public sector, defense, and commercial industries. ECS maintains partnerships with leading cloud and cybersecurity technology providers and holds specialized certifications in their technologies. Our Expertise — Cloud Solutions — Cybersecurity — Software & Systems — IT Modernization — Science & Engineering Our Customers — Federal Civilian — Department of Defense — Intel and Homeland Security — State, Local, and Education — Commercial Our Technology Partners — Microsoft — Amazon Web Services (AWS) — McAfee — Elastic — Google
- 3. 3 ECS CYBERSECURITY SERVICES Our mission to simplify and strengthen your cybersecurity drives our range of solution delivery options—from ongoing managed security services and operating your Virtual SOC to short-term professional service engagements. Virtual SOC Active Defense & Hunting Penetration Testing Threat Detection Service Breach Detection Service Incident Response Governance, Risk, & Compliance Vulnerability Management
- 4. 4 Continuous Monitoring Objectives, Challenges & Solutions Demo - Elasticsearch & Kibana What’s Next? ECS Cyber
- 5. 5 CONTINUOUS MONITORING The Objective of Continuous Monitoring is to enhance your IT security posture, by promoting ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions Challenges include visibility, prioritization and balancing flexibility and standardization to drive enterprise-wide value ECS seeks solutions that promote scalability, interoperability and flexibility, while considering total cost of ownership
- 6. 6 CONTINUOUS MONITORING – ARCHITECTURE • Enterprise-Wide Data Target / Datastore • Enterprise-Wide Visualization / Reporting • Data search / query • Alerts & Notifications • Datastore • Application Programming Interface (API) • Search & Analytics • Collect, Parse, Transform Data • Policy definition & defect identification Dashboard • Hardware Asset Management • Vulnerability Management • Identify and Access Management • Configuration Management Database • Cloud-native tools and capabilities Tool&SensorDataNormalizedData DataCollectionIntegration
- 7. 7 WHY ELASTIC • Interoperability • Robust API • Capacity Scaling • Horizontal Scalability • Search Performance • Distributed Search • SPEED • Multitenancy • Granular control / Flexible • Licensing Model • Options
- 8. 8 Continuous Monitoring Objectives, Challenges & Lessons Learned Demo – Elasticsearch & Kibana What’s Next? ECS Cyber
- 9. 9 Continuous Monitoring Objectives, Challenges & Lessons Learned Demo - Elasticsearch & Kibana What’s Next? ECS Cyber
- 10. 10 WHAT’S NEXT – EXPANDED ARCHITECTURE Tool&SensorData Threat Feed Aggregation • Visualization / reporting • Data search / query • Alerts & Notifications • Datastore • Application Programming Interface (API) • Search & Analytics • Collect, Parse, Transform Data • Policy definition & defect identification • Hardware Asset Management • Vulnerability Management • Identify and Access Management • Configuration Management Database • Cloud-native tools and capabilities NormalizedData Ongoing Assessment Threat Hunting DashboardDataCollection Orchestration Integration Machine Learning Incident Identification