CYBER THREAT INTELLIGENCE – INNOVATIVE APPROACHES
TARIK KOBALAS
IDC IT SECURITY 2015
Agenda
CryptTech: company profile, background and milestones
CryptTech upcoming products and channels
Logs, log management and SIEM
CryptoSIM, SIEM solution
General overview
Signature/rule-based correlation
New approach to SIEM: machine learning project
Threat intelligence simulation via CryptoSIM
Artificial intelligence SIEM project: Crypttech Threat Exchange
Company Profile
One of the leading R&D companies in Turkey in the security intelligence solutions area
~3000 clients, small to large enterprises across Turkey
Our Services
Log management
Security Information and Event Management
Hotspot solution
Vulnerability and penetration tests
Our Products
CRYPTOLOG – Software based log manager
CRYPTOSIM – Security Information and Event Management solution
CRYPTOSPOT – Hotspot gateway Solution
Milestones
Timeline on the slide: CryptTech started in Turkey, followed by the product releases CRYPTOLOG (log manager), CRYPTOSPOT (hotspot gateway) and CRYPTOSIM (SIEM solution); today +600 enterprises and +2000 customers.
On Road Products…
CryptoCTX - Crypttech Cyber Threat Exchange
CryptoDLP - Data Leakage/Loss Prevention
CryptoVMS – Vulnerability Management System
CryptoWELA – Windows Event Log Analyser
CryptoESC – Endpoint Security Client
CryptoMON – Application and Network Monitoring System
Logs, Log Management and SIEM
What are logs? Records of the actions and requests of applications, operating systems, network devices and servers.
Why log management? Log data needs to be processed into actionable intelligence for further analysis, reports and compliance.
What is SIEM? Security Information and Event Management: security intelligence on APTs, risks and incident management.
Logs, Log Management and SIEM
Collection: collect and transport; parse and normalize; categorize.
Analysis: search and compliance; statistical reports; compression and retention.
Correlation: event correlation; risk evaluation; alerts and incident management.
Diagram: logs flow through collection, analysis and correlation; CRYPTOLOG (log manager) and CRYPTOSIM (SIEM) are positioned along this pipeline.
General Overview
Security Intelligence across network
Universal Visibility over one Interface
Forensic Analysis
Compliance, Regulations
Out-Of-the-Box Reports
Application Troubleshooting
General Overview
Threats Detection
Event Correlation
Risk Evaluation
Incident Management
Correlation
Correlation links multiple events together to detect strange behavior, and associates different but related events to provide broader context.
Correlation approaches: event based, rules based, anomaly based, risk based.
Event attributes used for correlation: time, source, access, context.
Correlation Types
Basic correlation: simple rules, e.g. login failures.
Logical correlation: based on priority assignment to events through a logical tree algorithm.
Cross correlation: cross-correlating the same events between logs from different sources.
Contextual correlation: based on the asset's characteristics.
Historical correlation: signature-based and anomaly-based threat detection from previously gathered data.
Hierarchical correlation: re-correlates the stored logs with different correlation rules.
Threat Intelligence Simulation
Scenario shown on the slide, with the risk level assigned at each stage:
Risk Level 5: PortScan detected; web servers in the DMZ detected by the hacker.
Risk Level 6: SQL injection detected; payload being deployed.
Risk Level 7: Symmetric traffic detected; web server infected.
Risk Level 8: Open connection to the LAN by the infected server.
Risk Level 9: Exploit; Windows exploited, new user added.
Risk Level 10: Windows exploited, user added to the Domain Admin group.
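The escalation chain above, together with the cross, logical and contextual correlation types from the previous slides, as an added toy correlator written for this page; it is example code, not CryptoSIM's engine. The source names, host names, the six-hour window, the two-source rule and the critical-asset threshold are assumptions, and the event stream is constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional

# Escalation chain and the risk level the slide assigns to each stage.
CHAIN = ["portscan", "sql_injection", "symmetric_traffic",
         "open_connection", "exploit_new_user", "domain_admin_added"]
RISK = dict(zip(CHAIN, range(5, 11)))  # portscan=5 ... domain_admin_added=10

T0 = datetime(2015, 5, 20, 9, 0)  # constructed start time for the sample stream


def minutes_after(minutes):
    """Timestamp `minutes` after T0 (helper for the constructed stream)."""
    return T0 + timedelta(minutes=minutes)


@dataclass
class Event:
    ts: datetime
    source: str                  # reporting log source (assumed names: ids, waf, netflow, ...)
    host: str                    # asset the event is about
    kind: str                    # normalized category; members of CHAIN advance the chain
    peer: Optional[str] = None   # for open_connection: the LAN host that was reached


@dataclass
class Incident:
    stage: int = -1                            # index in CHAIN of the last confirmed stage
    last_ts: Optional[datetime] = None
    seen: dict = field(default_factory=dict)   # kind -> set of sources that reported it

    @property
    def risk(self):
        return RISK[CHAIN[self.stage]] if self.stage >= 0 else 0


class Correlator:
    """Toy stage correlator: cross (sources), logical (ordered chain), contextual (assets)."""

    def __init__(self, window=timedelta(hours=6), min_sources=2,
                 critical_assets=(), alert_at=9):
        self.window = window                  # a chain idle longer than this is discarded
        self.min_sources = min_sources        # cross correlation: distinct sources per stage
        self.critical = set(critical_assets)  # contextual: alert one level earlier on these
        self.alert_at = alert_at
        self.incidents = {}                   # host -> Incident
        self.alerts = []                      # (host, risk, stage) tuples raised so far

    def _incident(self, host, when):
        inc = self.incidents.setdefault(host, Incident())
        if inc.last_ts is not None and when - inc.last_ts > self.window:
            inc = self.incidents[host] = Incident()   # stale chain: start over
        inc.last_ts = when
        return inc

    def ingest(self, ev):
        """Feed one normalized event; returns an alert tuple or None."""
        if ev.kind not in RISK:
            return None
        inc = self._incident(ev.host, ev.ts)
        inc.seen.setdefault(ev.kind, set()).add(ev.source)
        idx = CHAIN.index(ev.kind)
        # Logical correlation: stages are confirmed strictly in chain order.
        if idx != inc.stage + 1:
            return None
        # Cross correlation: the same event must be reported by enough distinct sources.
        if len(inc.seen[ev.kind]) < self.min_sources:
            return None
        inc.stage = idx
        if ev.kind == "open_connection" and ev.peer:
            # The infected server's chain continues on the LAN host it connected to.
            peer = self._incident(ev.peer, ev.ts)
            peer.stage = max(peer.stage, idx)
        threshold = self.alert_at - (1 if ev.host in self.critical else 0)
        if inc.risk >= threshold:
            alert = (ev.host, inc.risk, ev.kind)
            self.alerts.append(alert)
            return alert
        return None


def run_demo():
    """Replay a constructed event stream that follows the slide's scenario."""
    stream = [
        Event(minutes_after(0), "ids", "dmz-web", "portscan"),
        Event(minutes_after(1), "firewall", "dmz-web", "portscan"),
        Event(minutes_after(10), "waf", "dmz-web", "sql_injection"),
        Event(minutes_after(10), "ids", "dmz-web", "sql_injection"),
        Event(minutes_after(30), "netflow", "dmz-web", "symmetric_traffic"),
        Event(minutes_after(31), "ids", "dmz-web", "symmetric_traffic"),
        Event(minutes_after(40), "firewall", "dmz-web", "open_connection", peer="lan-dc"),
        Event(minutes_after(40), "netflow", "dmz-web", "open_connection", peer="lan-dc"),
        Event(minutes_after(50), "winlog", "lan-dc", "exploit_new_user"),
        Event(minutes_after(50), "edr", "lan-dc", "exploit_new_user"),
        Event(minutes_after(55), "winlog", "lan-dc", "domain_admin_added"),
        Event(minutes_after(55), "edr", "lan-dc", "domain_admin_added"),
    ]
    corr = Correlator(critical_assets=["lan-dc"])
    for ev in stream:
        corr.ingest(ev)
    return corr


if __name__ == "__main__":
    for host, risk, stage in run_demo().alerts:
        print(f"ALERT host={host} risk={risk} stage={stage}")
```

The DMZ server stops at risk 8 without alerting, while the domain controller, marked critical, alerts at risk 9 and again at 10; single-source or out-of-order reports never advance a chain.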
The more data, the more efficiency…
Big data analytics from the security point of view
Complexity of the system: thousands of correlation rules, billions of records per day
Elimination of false positives
Updated rules, an advancing system
Professional services and an expert team
Unfortunately, you need more and more data
The solution is CTX, the Threat Exchange Service
Innovative Approaches to SIEM
CTX: Crypttech Threat Exchange, advanced threat and malware analysis services.
Architecture sketched on the slide: CTX agents exchange data and rules with a central machine learning grid (ML) that feeds the new CryptoSIM engine; flows labelled "Data" and "New Rules" connect the agents, the ML grid and the CRYPTTECH SOC.
Contact Info
www.crypttech.com
info@crypttech.com
+90 212 217 7017
http://support.crypttech.com
www.facebook.com/crypttech
www.twitter.com/crypttech
THANK YOU
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

CryptTech 2015

  • 1. CYBER THREAT INTELLIGENCE – INNOVATIVE APPROACHES. Tarik Kobalas, IDC IT Security 2015.
  • 2. Agenda: CryptTech company profile, background and milestones; CryptTech upcoming products and channels; logs, log management and SIEM; CryptoSIM, the SIEM solution (general overview, signature/rule based correlation); a new approach to SIEM, the machine learning project; threat intelligence simulation via CryptoSim; the artificially intelligent SIEM project, Crypttech Threat Exchange.
  • 3. Company Profile: one of the leading R&D companies in Turkey in the security intelligence solutions area; ~3000 clients, small to large enterprises across Turkey. Services: log management, Security Information and Event Management, hotspot solution, vulnerability and penetration tests. Products: CRYPTOLOG (software based log manager), CRYPTOSIM (Security Information and Event Management solution), CRYPTOSPOT (hotspot gateway solution).
  • 4. Milestones: CryptTech started; CRYPTOLOG log manager; CRYPTOSPOT hotspot gateway; CRYPTOSIM SIEM solution; +600 enterprises, +2000 customers in Turkey.
  • 5. On Road Products: CryptoCTX (Crypttech Cyber Threat Exchange), CryptoDLP (Data Leakage/Loss Prevention), CryptoVMS (Vulnerability Management System), CryptoWELA (Windows Event Log Analyser), CryptoESC (Endpoint Security Client), CryptoMON (Application and Network Monitoring System).
  • 6. Logs, Log Management and SIEM. What are logs? Records of the actions and requests of applications, operating systems, network devices and servers. Why log management? Log data needs to be processed into actionable intelligence for further analysis, reports and compliance. What is SIEM? Security Information and Event Management: security intelligence on APTs, risks and incident management.
  • 7. Logs, Log Management and SIEM. Collection: collect, transport, parse, normalize, categorize. Analysis: search, compliance, statistical reports, compression and retention. Correlation: event correlation, risk evaluation, alerts and incident management. Logs are collected by CRYPTOLOG; analysis and correlation are done in CRYPTOSIM.
  • 8. General Overview: security intelligence across the network; universal visibility over one interface; forensic analysis; compliance and regulations; out-of-the-box reports; application troubleshooting.
  • 9. General Overview: threat detection, event correlation, risk evaluation, incident management (CRYPTOLOG, CORRELATION).
  • 10. Correlation: linking multiple events together to detect strange behaviour; the association of different but related events to provide broader context. Correlation can be event based, rule based, anomaly based or risk based, and is performed along the axes of event, time, source and access context.
  • 11. Correlation Types. Basic Correlation: simple rules, e.g. login failures. Cross Correlation: correlation between logs of the same events from different sources. Logical Correlation: priority assignment to events through a logical tree algorithm. Contextual Correlation: based on the asset's characteristics. Historical Correlation: signature based and anomaly based threat detection from previously gathered data. Hierarchical Correlation: re-correlates the stored logs with different correlation rules.
  • 12. Threat Intelligence, a correlated attack chain with rising risk level: PortScan (DMZ port scan, risk level 5): port scan detected, web servers discovered by the attacker → SQL Injection (risk level 6): SQL injection detected, payload being deployed → Symmetric Traffic (risk level 7): symmetric traffic detected, infected web server → Open Connection (risk level 8): open connection to the LAN by the infected server → Exploit (risk level 9): Windows exploited, new user added → (risk level 10): Windows exploited, user added to the Domain Admin group.
  • 13. The more data, the more efficiency… Big data analytics from the security point of view. Complexity of the system: thousands of correlation rules, billions of records per day. Elimination of false positives: updated rules, an advancing system, professional services and an expert team. Unfortunately you need more and more data. The solution is CTX, the Threat Exchange Service.
  • 14. Innovative Approaches to SIEM: CTX, Crypttech Threat Exchange, Advanced Threat and Malware Analysis Services. Components: CTX Agent, rules, ML (central machine learning grid), the new CryptoSIM engine; data and new rules are exchanged between the customer sensors and the CRYPTTECH SOC.
  • 15. Contact Info: www.crypttech.com, info@crypttech.com, +90 212 217 7017, http://support.crypttech.com, www.facebook.com/crypttech, www.twitter.com/crypttech
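The six-stage chain on slide 12 is a rule-based, risk-escalating correlation: each later rule only fires for the source or host that an earlier rule already flagged, and every stage adds one to the risk level. The block below is an added example written for this page, not CryptoSIM code; it runs the same chain over a constructed set of firewall, web server and Windows security events. The IP addresses, hostnames, the port scan threshold (10 distinct ports in 60 seconds), the SQL injection pattern, the Windows event IDs used as stand-ins for "new user" (4720) and "added to group" (4728), and the `10.` prefix standing for the LAN are all assumptions for the demo.

```python
"""Rule-based, risk-escalating correlation over constructed multi-source events.

Added example (not CryptoSIM code). Mirrors the slide-12 chain:
port scan -> SQL injection -> symmetric traffic -> connection into LAN ->
new user -> Domain Admins, with the risk level rising 5 -> 10.
"""
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample events: (source kind, timestamp in seconds, fields). Not real logs.
EVENTS = [
    # Stage 1: external 203.0.113.7 probes many ports on DMZ web server 192.0.2.10
    *[("fw", 100 + i, dict(src="203.0.113.7", dst="192.0.2.10", dport=p, action="deny"))
      for i, p in enumerate([21, 22, 23, 25, 80, 110, 135, 139, 443, 445, 3389])],
    # Stage 2: SQL injection attempts against the same web server
    ("web", 130, dict(src="203.0.113.7", host="192.0.2.10",
                      uri="/login.php?user=admin'%20OR%20'1'='1")),
    ("web", 131, dict(src="203.0.113.7", host="192.0.2.10",
                      uri="/item.php?id=1%20UNION%20SELECT%20password%20FROM%20users")),
    # Stage 3: web server opens a connection back to the attacker (payload/reverse shell)
    ("fw", 140, dict(src="192.0.2.10", dst="203.0.113.7", dport=4444, action="allow")),
    # Stage 4: compromised web server reaches an internal host
    ("fw", 150, dict(src="192.0.2.10", dst="10.0.0.5", dport=445, action="allow")),
    # Stages 5/6: Windows security log of the internal host (4720 = user created,
    # 4728 = member added to a security-enabled global group; assumed mapping)
    ("win", 160, dict(host="10.0.0.5", event_id=4720, user="svc_backup", src="192.0.2.10")),
    ("win", 161, dict(host="10.0.0.5", event_id=4728, user="svc_backup", group="Domain Admins")),
]

SQLI_RE = re.compile(r"'\s*(or|and)\b|\bunion\s+select\b", re.IGNORECASE)
PORTSCAN_MIN_PORTS = 10   # distinct destination ports from one source ...
PORTSCAN_WINDOW = 60      # ... within this many seconds (assumed thresholds)


def correlate(events):
    """Return [(risk_level, message), ...]; each rule requires the previous stage."""
    alerts = []
    state = {}                  # context handed from one rule to the next
    scan = defaultdict(list)    # src -> [(ts, dport)] for the port scan window
    for kind, ts, f in sorted(events, key=lambda e: e[1]):
        if kind == "fw":
            # Rule 1 (basic): many distinct ports from one source inside the window
            scan[f["src"]].append((ts, f["dport"]))
            recent = {p for t, p in scan[f["src"]] if ts - t <= PORTSCAN_WINDOW}
            if len(recent) >= PORTSCAN_MIN_PORTS and "attacker" not in state:
                state["attacker"] = f["src"]
                alerts.append((5, f"PortScan detected from {f['src']}"))
            # Rule 3 (cross): the injected host talks back to the known attacker
            if (f["src"] == state.get("victim") and f["dst"] == state.get("attacker")
                    and f["action"] == "allow" and "symmetric" not in state):
                state["symmetric"] = True
                alerts.append((7, f"Symmetric traffic {f['src']} -> {f['dst']}:{f['dport']}"))
            # Rule 4: the infected server opens an allowed connection into the LAN
            if (state.get("symmetric") and f["src"] == state.get("victim")
                    and f["dst"].startswith("10.") and f["action"] == "allow"
                    and "lan_host" not in state):
                state["lan_host"] = f["dst"]
                alerts.append((8, f"Open connection to LAN host {f['dst']} by infected server"))
        elif kind == "web":
            # Rule 2 (cross): SQLi pattern, but only from the IP that was already scanning
            if (f["src"] == state.get("attacker") and SQLI_RE.search(unquote(f["uri"]))
                    and "victim" not in state):
                state["victim"] = f["host"]
                alerts.append((6, f"SQL Injection from {f['src']} on {f['host']}"))
        elif kind == "win":
            # Rules 5/6 (contextual): account events on the LAN host reached in rule 4
            if f["host"] == state.get("lan_host"):
                if f["event_id"] == 4720 and "new_user" not in state:
                    state["new_user"] = f["user"]
                    alerts.append((9, f"Windows exploited: new user {f['user']} on {f['host']}"))
                elif (f["event_id"] == 4728 and f["user"] == state.get("new_user")
                      and f["group"] == "Domain Admins"):
                    alerts.append((10, f"User {f['user']} added to Domain Admins"))
    return alerts


if __name__ == "__main__":
    for risk, msg in correlate(EVENTS):
        print(f"risk {risk:>2}: {msg}")
```

The point the chain makes is that the same raw events without their predecessors do not escalate: drop the web server log and the run stops at the level-5 port scan, and a user creation on a host the attacker never reached raises nothing. In a real deployment the parse and normalize step of slide 7 sits in front of this, the thresholds and the LAN definition come from the asset inventory rather than constants, and the `sorted()` call assumes all sources carry a comparable clock.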

Editor's Notes

  1. Hello and welcome. My name is Tarık Kobalas. In this session, under the title Innovative Approaches to Cyber Attack Detection, I will try to talk about a security information and event management system that can learn. I will also illustrate a scenario in which a rule-based SIEM system catches an APT (advanced persistent threat). First, let me give you some information about our company, Crypttech. Crypttech was founded in 2006 and is a 100% domestic software company that produces products in the field of information security.
  2. For about five years we have taken part in many information security projects with our SIEM product. With the experience we gained, we carried our product further. Now we are working on innovative approaches and next-generation models. We will develop new technologies beyond SIEM systems.
  3. We plan to release the first four of the products currently under development by the end of the second quarter of 2015. We will launch the remaining two products at the end of 2015. In some of our projects we have started using beta versions of several of these products. I will present CTX, our cyber threat and analysis service, in detail later in the presentation. Beta tests of our DLP (Data Leakage Prevention) product are continuing. We are doing dedicated work on the NLP (natural language processing) module, a sub-branch of DLP. We see that success rates on Turkish data are low in this area. For that reason our development continues on algorithms that will understand Turkish text and content and prevent malicious leaks. VMS is a vulnerability management system. We are turning a project we did years ago for one of Turkey's leading ISPs into a product. It will be an umbrella solution; we are working on a system that correlates the results of many vulnerability scanners. WELA is a product that extracts anomalies and vulnerabilities solely from the security event logs of Windows systems. ESC is an endpoint security product that performs application, port and access controls, and monitors and can block data leaving the endpoint. MON is our product for application, service and availability checks; it checks the operational status of web services and sites, content changes, and nested flows.
  4. Fundamentally we can think of SIEM systems as event management. An application or a person connecting to a database is an event. If you assign a risk value to that event, it is now risk evaluation. A service or a person being able to operate on a database, table or file system that they have no rights to is a risky situation. And if you can relate that situation to another piece of data, that is correlation. If you can find from the firewall records that this person came from outside, that is a problematic situation. When you put many different correlation rules into operation, it is now attack detection.
  5. Correlation can be defined as dependent association. With our CryptoSIM product we can correlate one or more kinds of sources on an event-based, rule-based, anomaly-based or risk-based basis. In this way we can perform behavioural analysis along the axes of time, count and asset value.
  6. We have been providing all of these with CryptoSim since 2010.
  7. Nowadays worms are being written specifically for individual organizations. Signature-based systems cannot catch these events, because these signatures have not been encountered before. Consequently firewalls and IPS/IDS systems cannot find such attacks. With a successful SIEM product you can perform this kind of behavioural analysis. In this example the attacker performs a port scan against the internet-facing servers. Because CryptoSim receives the firewall logs, it notices that different ports are being accessed from one IP, recognizes this as a port scan, and generates an alarm with Risk Level 5. The attacker then attempts SQL injection on the web servers it found in the DMZ network. CryptoSim, taking both the firewall and the web server logs and correlating them with the previous attack/IP, raises the SQL injection alarm with the risk level increased by 1. Then the attacker, seeing that there is a server it can inject into, uses an exploit to upload a program/payload to the target. After this attack, CryptoSim finds the symmetric traffic in the firewall logs, correlating it with the previous attacks as well. It detects the successful attack and raises the alarm level by 1. Then the attacker tries to look for open connections to the servers on the local network through the compromised web server. Because CryptoSim also processes the local firewall log, it detects the successful connection to the internal network, correlates it with the previous attacks, and raises the alarm with the risk level increased by 1. Then the attacker, noticing that there is access to servers on the local network, tries possible exploits, succeeds with one of them, and creates a user on the target server. Because CryptoSim collects the internal server records and the internal firewall records, it correlates these logs with the previous attacks, detects that a user has been created by the attacker, and raises the alarm with the risk level increased by 1. And finally, again using an exploit, the attacker adds the user created on the compromised server to the Domain Admin group. Because CryptoSim also collects these server and domain admin records, it correlates them with the previous attacks, detects that a user has been added to the domain admin group by the attacker, and raises the alarm with the risk level increased by 1. This scenario is not fabricated data; it is taken from a real data set.
  8. In the project we are carrying out jointly with the Computer Engineering Department of Yıldız Technical University, we are bringing the CTX (Crypttech Threat Exchange) services to market as of 2015. This product provides an infrastructure in which a machine learning system works together with the CryptoSim engine. It consists of a structure that detects, through machine learning, threats that the rule sets processed by the CryptoSim engine cannot recognize. These can be entered directly as new rule sets, or they will be sent to the central "cyber threat and malware analysis services". The Crypttech threat and analysis services will compare the events occurring on many distributed servers with data coming from other sensors in order to analyse this new threat candidate. Using central machine learning algorithms as well, it will classify them and forward them to the Crypttech R&D/SOC team. After the event is approved it will be sent to all sensors as a rule, and this service will be provided to all customers and partners who want to receive it. At the same time, our CTX Agent application, which will be developed as a project independent of CryptoSim as part of this system, will detect anomalies and threats according to the data coming from this service and generate alarms.