Information security log management system, anomaly detection, control center and recommended remediation, SIEM as a Service

1,543 views

http://cei.co.il/cloud-solutions/siem/
A SIEM-as-a-Service offering that, together with a control center (SOC), provides our customers with real-time detection of information security events and recommended remediation. The system enables immediate detection of anomalies in network performance as well as outbreaks of security anomalies, based on analysis of network behavior.
24×7 network monitoring, real-time alerts, remediation for any malicious activity, integrated workflow and incident management, reports required for compliance with ISO, PCI, HIPAA, SOX and more, low monthly cost
Visit our website and sign up to receive the system for a 30-day free trial
http://cei.co.il/cloud-solutions/siem/

Published in: Technology

  1. The official distributor of CYBERSHARK by
  2. About Us
     • Connect Everywhere Israel, Branch of Mexican IT Company
     • More than 20 years of IT management & Security
     • Working globally as Security Expert
     • Bringing state-of-the-art security solutions to Israeli IT
  3. Malware Based Attacks Continue To Rise
     • 2009: 2,361,414 new malware detected
     • 2015: 430,555,582 new malware detected
     Source: Symantec 2016 Global Intelligence Network Report
  4. 1,179,000 new malware detected every day. Source: Symantec 2016 Global Intelligence Network Report
  5. Cisco Threats Security Risk
     • Every day there are more than 10 Security Risk threats in your network that you need to handle
     • Some impact you immediately
     • You need to be aware of them and treat them when they happen
  6. • 2016 – 146 Vulnerabilities for Microsoft Office
     • 106 Vulnerabilities considered CRITICAL
     • 2015-2016 – 150 Vulnerabilities for Adobe Reader
     • 11 Vulnerabilities considered CRITICAL
     Microsoft Security Bulletin MS16-120 - Critical; Adobe Security Bulletin
  7. Our Way to Solve Security Risk
     • Our System Solution helps companies to overcome security issues in their system
     • There are 2 processes that work together to solve your security breach
     • SIEM - Security Information and Event Management
       • Deals with all the alerts in the system
     • SOC - Security Operations Center
       • Real people
       • Working 24x7
       • Monitors the security events
       • Sends alerts and solutions to problems
  8. The work flow
  9. Step 1: The company has different IT and information security devices, such as firewalls, IPS, switches, routers, proxies, anti-spam, antivirus, Windows servers, Linux servers and others. Each device creates its own security log with security information in it. (Diagram: Firewalls, I.P.S, Linux Server, Windows Server, Switches, Router)
  10. Step 2: The Collector (MSI) will be installed on the client premises and will take the logs from all these devices. (Diagram adds: Collector MSI)
  11. Step 3: The collector will compress them and send them encrypted to the Cyber Shark Cloud. (Diagram adds: Compress, Encrypt, Send)
  12. Step 4: On arrival, the events pass through different processes such as aggregation, normalization and duplication. (Diagram adds: Aggregation, Normalization, Duplication)
  13. Step 5: They are then placed in the database.
  14. Step 6: The data in the database is enriched by external sources such as blacklists and others. It is passed through a complex set of correlation rules. (Diagram adds: External Sources, Enrichment, Compliance Rules, Correlation Rules, DB)
  15. Step 7: Data can be exposed to the client using the dashboard. When an incident is identified, an alert is sent to the customer and a ticket is opened for the analyst to check the issue. (Diagram adds: Dashboard, Alert)
  16. Step 8: The analyst checks the incident and decides whether it is a false positive; if it is not, the analyst gathers all the evidence. A remediation plan is created and all this data is sent to the client via a ticketing system or email. (Diagram adds: Verify False Positive, Add Remediation Plan, Notify, SOC Analyst, CLIENTS)
  17. Who needs this solution
     • Capital Market
     • Credit Data Law
     • Superintendent of Insurance
     • SOC2 - Cloud companies that hold customer information
     • PCI - Companies that perform credit card transactions required to correct
     • HIPAA - Companies must meet HIPAA regulation - drug companies and HMOs
  18. Why CYBERShark?
     • Your network & data are critical to your success
     • The characteristics of cyber threats are known:
       • Unusual outbound network traffic/data exfiltration
       • Anomalies in privileged-user account activity
       • Large numbers of requests for the same file
       • Geographical irregularities
       • Database extractions (SQL injection)
       • Sweep scans & event log alterations
     • But these Indicators of Compromise (IoC) cannot be reliably detected by localized security measures like firewalls and IDS/IPS systems!
     • You need CYBERShark to watch your entire network
  19. HOW CYBERSHARK PROTECTS YOU
     • The alerts we send you don’t just tell you that there’s a problem, they tell you how to handle it:
       • Identification of the specific threat
       • Remediation steps to fix the problem (device-specific)
       • All supporting evidence provided in the alert
     • The customer portal lets you view your own network security posture at a glance
     • You get access to comprehensive reporting for security and regulatory compliance
     • Compliance reports identify the specific regulatory issues at stake due to a threat (HIPAA, PCI, GPG13 and more)
  20. Contact Us: WWW.CEI.CO.IL; Salo 052-3653227 salo@cei.co.il; Sharon 054-5680114 sharon@cei.co.il