SlideShare a Scribd company logo
INTELLIGENT SECURITY OPERATIONS 1© Intel Corporation© Intel Corporation© Intel Corporation
Buscas una Seguridad
integrada y dinámica?
Inteligencia y colaboración la platarforma
de un modelo efectivo y eficiente
Juan Pablo Páez, CISSP, CISM
Sales Engineer Manager, MC LTAMs
Intel Security
INTELLIGENT SECURITY OPERATIONS 2© Intel Corporation
Security Executive Council
Questions: Where to Focus? How would you prioritize?
Automatic discovery
of significant
missed attacks
A
Visualization and
context to interpret
suspected attacks
B
Orchestration of
containment and
remediation
C
Management of
incoming threat
intelligence
D
INTELLIGENT SECURITY OPERATIONS 3© Intel Corporation
Market Research: Key Findings
SOC triage is broken SOC investigations take too long SOC is too dependent on humans
• 25% of alerts are
never triaged
• Least skilled and
experienced SOC
member makes the most
important decisions
• Takes weeks to do a
thorough investigation
• 75% time and effort
spent collecting data
• 25% time and effort
analyzing data to bring
investigation to a
conclusion
• SOC T1 role is the most
populous, yet poor ROI
• Investigation quality is
highly dependent on
human skill-levels
• There are low levels of
automation (esp. expert
knowledge) in the SOC
INTELLIGENT SECURITY OPERATIONS 4© Intel Corporation
Workflow for Attack Investigations
Logs,endpoint
data,etc.
Anomaly
Analytics
Deception
Technology
Behavioral
Analytics
Correlation
(via SIEM)
External
Threat Intelligence
Collect
Linking
Merging
Preliminary
Scoping
Triage
Ranking
Prioritize
Detailed
Scoping
Visualization
Enrichment
Scope
Quarantine
Remediate
Update and
Improve
Share
(Optional)
Respond
INTELLIGENT SECURITY OPERATIONS 5© Intel Corporation
Automatization Proposal
Logs,endpoint
data,etc.
Anomaly
Analytics
Deception
Technology
Behavioral
Analytics
Correlation
(via SIEM)
External
Threat Intelligence Linking
Merging
Preliminary
Scoping
Ranking
Detailed
Scoping
Visualization
Enrichment
Quarantine
Remediate
Update and
Improve
Share
(Optional)
Collect Triage Prioritize Scope Respond
Leverage a mature
Big Data platform to
effectively harness
and manage your data
Accelerate triage with
automatic case build-out
and expansion
Prioritize cases to improve
focus on the right attacks
Re-construct attacks with
evidence collection to speed
up investigation, decision-
making, and response
accuracy
INTELLIGENT SECURITY OPERATIONS 6© Intel Corporation
SIEM makeup result of organic evolution
Log Management + Analytics + Security Monitoring + Investigation + Response “In a Box”
Data
Ingestion
Parsing /
Normalization
Data
Management
Streaming
Analytics
Batch / Historical
Analytics
Log Mgmt,
Compliance, &
Forensics
Security
Monitoring
Corrective
Actions
Incident
Investigation
IntelligentSecurity
Operations
(Detection & Correction)
Integrations & EDR
Log &
Compliance
Mgmt
Data Platform
(SIEM)
Security
Analytics
(SIEM)
INTELLIGENT SECURITY OPERATIONS 7© Intel Corporation
Threat detection and hunting tools evolving
Devices Servers
Security
Products
Infra Svc
(ie DNS)
OtherNetwork
SIEM
Analytics
(ie UEBA)
Attack Investigation &
Response
Event & data
sources
Detection &
prioritization
of incidents
Investigation
& Response
EDR
Data/events
Potential
Incidents
Queries&
Actions
SecurityAnalytics
INTELLIGENT SECURITY OPERATIONS 8© Intel Corporation
INTELLIGENT SECURITY OPERATIONS 9© Intel Corporation
Cyber Resilience
Journey to build better security operations
Defense against
targeted threats?
COMPLIANCE-DRIVEN
INTELLIGENCE-DRIVEN
ANALYTICS-DRIVEN
OPERATIVE
FOUNDATION
INTEGRATED
Covering all operating
environments and
insider threats?
Meeting regulatory
compliance requirements?
1
2
3
2
Where is YOUR Focus?
Intel and the Intel and McAfee logosare trademarksof Intel Corporation inthe US and/or other countries. Other marksand brands may be claimed asthe property of others. The product
plans, specificationsand descriptionsherein are provided for information only and subject to changewithout notice, andare provided without warranty of any kind, expressor implied.
Copyright © 2017 Intel Corporation.

More Related Content

What's hot

DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
Shah Sheikh
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
Shah Sheikh
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
Shah Sheikh
 
Alpha & Omega's Managed Security
Alpha & Omega's Managed SecurityAlpha & Omega's Managed Security
Alpha & Omega's Managed Security
Darryl Santa
 
FINTECH: Industries we Serve
FINTECH: Industries we ServeFINTECH: Industries we Serve
FINTECH: Industries we Serve
The TNS Group
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming Security
Robert Herjavec
 
FINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITYFINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITY
SecureData Europe
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
 
Perimeter Protection Solutions
Perimeter Protection SolutionsPerimeter Protection Solutions
Perimeter Protection Solutions
The TNS Group
 
IT Services Solutions
IT Services SolutionsIT Services Solutions
IT Services Solutions
The TNS Group
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR Overview
Robert Herjavec
 
New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of Security
Sounil Yu
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
CMR WORLD TECH
 
Top 10 Cybersecurity Tips of 2022
Top 10 Cybersecurity Tips of 2022Top 10 Cybersecurity Tips of 2022
Top 10 Cybersecurity Tips of 2022
The TNS Group
 
Introduction and a Look at Security Trends
Introduction and a Look at Security TrendsIntroduction and a Look at Security Trends
Introduction and a Look at Security Trends
Priyanka Aash
 
IT Consultng
IT ConsultngIT Consultng
IT Consultng
The TNS Group
 
Construction: Protect Your Assets From Ground-Breaking Threats
Construction: Protect Your Assets From Ground-Breaking ThreatsConstruction: Protect Your Assets From Ground-Breaking Threats
Construction: Protect Your Assets From Ground-Breaking Threats
The TNS Group
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Shah Sheikh
 
Infrastructure and Desktop Support
Infrastructure and Desktop SupportInfrastructure and Desktop Support
Infrastructure and Desktop Support
The TNS Group
 
Managed Security Solutions
Managed Security SolutionsManaged Security Solutions
Managed Security Solutions
The TNS Group
 

What's hot (20)

DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
 
Alpha & Omega's Managed Security
Alpha & Omega's Managed SecurityAlpha & Omega's Managed Security
Alpha & Omega's Managed Security
 
FINTECH: Industries we Serve
FINTECH: Industries we ServeFINTECH: Industries we Serve
FINTECH: Industries we Serve
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming Security
 
FINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITYFINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITY
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
Perimeter Protection Solutions
Perimeter Protection SolutionsPerimeter Protection Solutions
Perimeter Protection Solutions
 
IT Services Solutions
IT Services SolutionsIT Services Solutions
IT Services Solutions
 
LIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR OverviewLIFT OFF 2017: Ransomware and IR Overview
LIFT OFF 2017: Ransomware and IR Overview
 
New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of Security
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Top 10 Cybersecurity Tips of 2022
Top 10 Cybersecurity Tips of 2022Top 10 Cybersecurity Tips of 2022
Top 10 Cybersecurity Tips of 2022
 
Introduction and a Look at Security Trends
Introduction and a Look at Security TrendsIntroduction and a Look at Security Trends
Introduction and a Look at Security Trends
 
IT Consultng
IT ConsultngIT Consultng
IT Consultng
 
Construction: Protect Your Assets From Ground-Breaking Threats
Construction: Protect Your Assets From Ground-Breaking ThreatsConstruction: Protect Your Assets From Ground-Breaking Threats
Construction: Protect Your Assets From Ground-Breaking Threats
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
Infrastructure and Desktop Support
Infrastructure and Desktop SupportInfrastructure and Desktop Support
Infrastructure and Desktop Support
 
Managed Security Solutions
Managed Security SolutionsManaged Security Solutions
Managed Security Solutions
 

Similar to BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA PLATAFORMA DE UN MODELO EFECTIVO Y EFICIENTE DE SEGURIDAD MCAFEE

Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to Success
Sirius
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond Cyber
Phil Huggins FBCS CITP
 
Računalna forenzika i automatizirani odgovor na mrežne incidente
Računalna forenzika i automatizirani odgovor na mrežne incidenteRačunalna forenzika i automatizirani odgovor na mrežne incidente
Računalna forenzika i automatizirani odgovor na mrežne incidente
Damir Delija
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
Infocyte
 
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013   SIEM based …Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013   SIEM based …
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …
Andris Soroka
 
encase enterprise
 encase enterprise  encase enterprise
encase enterprise
Damir Delija
 
It's just a jump to the left (of boom): Prioritizing detection implementation...
It's just a jump to the left (of boom): Prioritizing detection implementation...It's just a jump to the left (of boom): Prioritizing detection implementation...
It's just a jump to the left (of boom): Prioritizing detection implementation...
MITRE ATT&CK
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba
 
IT Executive Guide to Security Intelligence
IT Executive Guide to Security IntelligenceIT Executive Guide to Security Intelligence
IT Executive Guide to Security Intelligence
thinkASG
 
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
TI Safe
 
Eng Solutions - Capability Statement-Latest
Eng Solutions - Capability Statement-LatestEng Solutions - Capability Statement-Latest
Eng Solutions - Capability Statement-Latest
Hank Eng, CISSP, CISA, CISM
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
Ivanti
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
DFLABS SRL
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat Intelligence
OWASP Delhi
 
Open Source Incident Management - BSides DC 2017 Presentation
Open Source Incident Management - BSides DC 2017 PresentationOpen Source Incident Management - BSides DC 2017 Presentation
Open Source Incident Management - BSides DC 2017 Presentation
Christopher Ensey
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
Raffael Marty
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Spo2 t17
Spo2 t17Spo2 t17

Similar to BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA PLATAFORMA DE UN MODELO EFECTIVO Y EFICIENTE DE SEGURIDAD MCAFEE (20)

Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to Success
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond Cyber
 
Računalna forenzika i automatizirani odgovor na mrežne incidente
Računalna forenzika i automatizirani odgovor na mrežne incidenteRačunalna forenzika i automatizirani odgovor na mrežne incidente
Računalna forenzika i automatizirani odgovor na mrežne incidente
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
 
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013   SIEM based …Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013   SIEM based …
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …
 
encase enterprise
 encase enterprise  encase enterprise
encase enterprise
 
It's just a jump to the left (of boom): Prioritizing detection implementation...
It's just a jump to the left (of boom): Prioritizing detection implementation...It's just a jump to the left (of boom): Prioritizing detection implementation...
It's just a jump to the left (of boom): Prioritizing detection implementation...
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
IT Executive Guide to Security Intelligence
IT Executive Guide to Security IntelligenceIT Executive Guide to Security Intelligence
IT Executive Guide to Security Intelligence
 
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
 
Eng Solutions - Capability Statement-Latest
Eng Solutions - Capability Statement-LatestEng Solutions - Capability Statement-Latest
Eng Solutions - Capability Statement-Latest
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
 
Actionable Threat Intelligence
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat Intelligence
 
Open Source Incident Management - BSides DC 2017 Presentation
Open Source Incident Management - BSides DC 2017 PresentationOpen Source Incident Management - BSides DC 2017 Presentation
Open Source Incident Management - BSides DC 2017 Presentation
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
 
Spo2 t17
Spo2 t17Spo2 t17
Spo2 t17
 

More from Cristian Garcia G.

Making App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously EasyMaking App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously Easy
Cristian Garcia G.
 
Ciberseguridad Alineada al Negocio
Ciberseguridad Alineada al NegocioCiberseguridad Alineada al Negocio
Ciberseguridad Alineada al Negocio
Cristian Garcia G.
 
Reducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridadReducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridad
Cristian Garcia G.
 
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio. Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Cristian Garcia G.
 
Ciberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACiberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IA
Cristian Garcia G.
 
Symantec Enterprise Cloud
Symantec Enterprise CloudSymantec Enterprise Cloud
Symantec Enterprise Cloud
Cristian Garcia G.
 
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Cristian Garcia G.
 
Protección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-DatacenterProtección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-Datacenter
Cristian Garcia G.
 
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo TecnológicoLa Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
Cristian Garcia G.
 
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Cristian Garcia G.
 
Gestión de la Exposición
Gestión de la ExposiciónGestión de la Exposición
Gestión de la Exposición
Cristian Garcia G.
 
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cristian Garcia G.
 
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
Un enfoque práctico para implementar confianza cero en el trabajo híbridoUn enfoque práctico para implementar confianza cero en el trabajo híbrido
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
Cristian Garcia G.
 
La crisis de identidad que se avecina
La crisis de identidad que se avecinaLa crisis de identidad que se avecina
La crisis de identidad que se avecina
Cristian Garcia G.
 
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxitoSimplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Cristian Garcia G.
 
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Cristian Garcia G.
 
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOCStay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Cristian Garcia G.
 
La evolución de IBM Qradar Suite
La evolución de IBM Qradar SuiteLa evolución de IBM Qradar Suite
La evolución de IBM Qradar Suite
Cristian Garcia G.
 
Ciberseguridad en GTD, SecureSoft en GTD
Ciberseguridad en GTD, SecureSoft en GTD Ciberseguridad en GTD, SecureSoft en GTD
Ciberseguridad en GTD, SecureSoft en GTD
Cristian Garcia G.
 
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Cristian Garcia G.
 

More from Cristian Garcia G. (20)

Making App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously EasyMaking App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously Easy
 
Ciberseguridad Alineada al Negocio
Ciberseguridad Alineada al NegocioCiberseguridad Alineada al Negocio
Ciberseguridad Alineada al Negocio
 
Reducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridadReducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridad
 
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio. Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
 
Ciberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACiberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IA
 
Symantec Enterprise Cloud
Symantec Enterprise CloudSymantec Enterprise Cloud
Symantec Enterprise Cloud
 
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
 
Protección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-DatacenterProtección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-Datacenter
 
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo TecnológicoLa Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
 
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
 
Gestión de la Exposición
Gestión de la ExposiciónGestión de la Exposición
Gestión de la Exposición
 
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
 
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
Un enfoque práctico para implementar confianza cero en el trabajo híbridoUn enfoque práctico para implementar confianza cero en el trabajo híbrido
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
 
La crisis de identidad que se avecina
La crisis de identidad que se avecinaLa crisis de identidad que se avecina
La crisis de identidad que se avecina
 
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxitoSimplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
Simplifica y Vencerás : La seguridad debe ser simple para garantizar el éxito
 
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
Porqué enfocarnos en el DEX (Experiencia Digital del Empleado) - Cómo la tecn...
 
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOCStay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
Stay ahead of the Threats: Automate and Simplify SecOps to revolutionize the SOC
 
La evolución de IBM Qradar Suite
La evolución de IBM Qradar SuiteLa evolución de IBM Qradar Suite
La evolución de IBM Qradar Suite
 
Ciberseguridad en GTD, SecureSoft en GTD
Ciberseguridad en GTD, SecureSoft en GTD Ciberseguridad en GTD, SecureSoft en GTD
Ciberseguridad en GTD, SecureSoft en GTD
 
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
Time is Money… and More.- Nuestras Capacidades Regionales de Detección y Resp...
 

Recently uploaded

Competition and Regulation in Professions and Occupations – OECD – June 2024 ...
Competition and Regulation in Professions and Occupations – OECD – June 2024 ...Competition and Regulation in Professions and Occupations – OECD – June 2024 ...
Competition and Regulation in Professions and Occupations – OECD – June 2024 ...
OECD Directorate for Financial and Enterprise Affairs
 
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Competition and Regulation in Professions and Occupations – ROBSON – June 202...Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
OECD Directorate for Financial and Enterprise Affairs
 
2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf
Frederic Leger
 
Gregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics PresentationGregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics Presentation
gharris9
 
Updated diagnosis. Cause and treatment of hypothyroidism
Updated diagnosis. Cause and treatment of hypothyroidismUpdated diagnosis. Cause and treatment of hypothyroidism
Updated diagnosis. Cause and treatment of hypothyroidism
Faculty of Medicine And Health Sciences
 
Carrer goals.pptx and their importance in real life
Carrer goals.pptx  and their importance in real lifeCarrer goals.pptx  and their importance in real life
Carrer goals.pptx and their importance in real life
artemacademy2
 
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Dutch Power
 
Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...
Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...
Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...
Suzanne Lagerweij
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
faizulhassanfaiz1670
 
Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...
Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...
Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...
SkillCertProExams
 
Mẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPoint
Mẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPointMẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPoint
Mẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPoint
1990 Media
 
Tom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issueTom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issue
amekonnen
 
ASONAM2023_presection_slide_track-recommendation.pdf
ASONAM2023_presection_slide_track-recommendation.pdfASONAM2023_presection_slide_track-recommendation.pdf
ASONAM2023_presection_slide_track-recommendation.pdf
ToshihiroIto4
 
Burning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdfBurning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdf
kkirkland2
 
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Dutch Power
 
XP 2024 presentation: A New Look to Leadership
XP 2024 presentation: A New Look to LeadershipXP 2024 presentation: A New Look to Leadership
XP 2024 presentation: A New Look to Leadership
samililja
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Access Innovations, Inc.
 
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie WellsCollapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Rosie Wells
 
Gregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptxGregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptx
gharris9
 

Recently uploaded (19)

Competition and Regulation in Professions and Occupations – OECD – June 2024 ...
Competition and Regulation in Professions and Occupations – OECD – June 2024 ...Competition and Regulation in Professions and Occupations – OECD – June 2024 ...
Competition and Regulation in Professions and Occupations – OECD – June 2024 ...
 
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Competition and Regulation in Professions and Occupations – ROBSON – June 202...Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
 
2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf
 
Gregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics PresentationGregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics Presentation
 
Updated diagnosis. Cause and treatment of hypothyroidism
Updated diagnosis. Cause and treatment of hypothyroidismUpdated diagnosis. Cause and treatment of hypothyroidism
Updated diagnosis. Cause and treatment of hypothyroidism
 
Carrer goals.pptx and their importance in real life
Carrer goals.pptx  and their importance in real lifeCarrer goals.pptx  and their importance in real life
Carrer goals.pptx and their importance in real life
 
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
 
Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...
Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...
Suzanne Lagerweij - Influence Without Power - Why Empathy is Your Best Friend...
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
 
Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...
Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...
Mastering the Concepts Tested in the Databricks Certified Data Engineer Assoc...
 
Mẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPoint
Mẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPointMẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPoint
Mẫu PPT kế hoạch làm việc sáng tạo cho nửa cuối năm PowerPoint
 
Tom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issueTom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issue
 
ASONAM2023_presection_slide_track-recommendation.pdf
ASONAM2023_presection_slide_track-recommendation.pdfASONAM2023_presection_slide_track-recommendation.pdf
ASONAM2023_presection_slide_track-recommendation.pdf
 
Burning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdfBurning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdf
 
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
 
XP 2024 presentation: A New Look to Leadership
XP 2024 presentation: A New Look to LeadershipXP 2024 presentation: A New Look to Leadership
XP 2024 presentation: A New Look to Leadership
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
 
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie WellsCollapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
 
Gregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptxGregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptx
 

BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA PLATAFORMA DE UN MODELO EFECTIVO Y EFICIENTE DE SEGURIDAD MCAFEE

  • 1. INTELLIGENT SECURITY OPERATIONS 1© Intel Corporation© Intel Corporation© Intel Corporation Buscas una Seguridad integrada y dinámica? Inteligencia y colaboración la platarforma de un modelo efectivo y eficiente Juan Pablo Páez, CISSP, CISM Sales Engineer Manager, MC LTAMs Intel Security
  • 2. INTELLIGENT SECURITY OPERATIONS 2© Intel Corporation Security Executive Council Questions: Where to Focus? How would you prioritize? Automatic discovery of significant missed attacks A Visualization and context to interpret suspected attacks B Orchestration of containment and remediation C Management of incoming threat intelligence D
  • 3. INTELLIGENT SECURITY OPERATIONS 3© Intel Corporation Market Research: Key Findings SOC triage is broken SOC investigations take too long SOC is too dependent on humans • 25% of alerts are never triaged • Least skilled and experienced SOC member makes the most important decisions • Takes weeks to do a thorough investigation • 75% time and effort spent collecting data • 25% time and effort analyzing data to bring investigation to a conclusion • SOC T1 role is the most populous, yet poor ROI • Investigation quality is highly dependent on human skill-levels • There are low levels of automation (esp. expert knowledge) in the SOC
  • 4. INTELLIGENT SECURITY OPERATIONS 4© Intel Corporation Workflow for Attack Investigations Logs,endpoint data,etc. Anomaly Analytics Deception Technology Behavioral Analytics Correlation (via SIEM) External Threat Intelligence Collect Linking Merging Preliminary Scoping Triage Ranking Prioritize Detailed Scoping Visualization Enrichment Scope Quarantine Remediate Update and Improve Share (Optional) Respond
  • 5. INTELLIGENT SECURITY OPERATIONS 5© Intel Corporation Automatization Proposal Logs,endpoint data,etc. Anomaly Analytics Deception Technology Behavioral Analytics Correlation (via SIEM) External Threat Intelligence Linking Merging Preliminary Scoping Ranking Detailed Scoping Visualization Enrichment Quarantine Remediate Update and Improve Share (Optional) Collect Triage Prioritize Scope Respond Leverage a mature Big Data platform to effectively harness and manage your data Accelerate triage with automatic case build-out and expansion Prioritize cases to improve focus on the right attacks Re-construct attacks with evidence collection to speed up investigation, decision- making, and response accuracy
  • 6. INTELLIGENT SECURITY OPERATIONS 6© Intel Corporation SIEM makeup result of organic evolution Log Management + Analytics + Security Monitoring + Investigation + Response “In a Box” Data Ingestion Parsing / Normalization Data Management Streaming Analytics Batch / Historical Analytics Log Mgmt, Compliance, & Forensics Security Monitoring Corrective Actions Incident Investigation IntelligentSecurity Operations (Detection & Correction) Integrations & EDR Log & Compliance Mgmt Data Platform (SIEM) Security Analytics (SIEM)
  • 7. INTELLIGENT SECURITY OPERATIONS 7© Intel Corporation Threat detection and hunting tools evolving Devices Servers Security Products Infra Svc (ie DNS) OtherNetwork SIEM Analytics (ie UEBA) Attack Investigation & Response Event & data sources Detection & prioritization of incidents Investigation & Response EDR Data/events Potential Incidents Queries& Actions SecurityAnalytics
  • 8. INTELLIGENT SECURITY OPERATIONS 8© Intel Corporation
  • 9. INTELLIGENT SECURITY OPERATIONS 9© Intel Corporation Cyber Resilience Journey to build better security operations Defense against targeted threats? COMPLIANCE-DRIVEN INTELLIGENCE-DRIVEN ANALYTICS-DRIVEN OPERATIVE FOUNDATION INTEGRATED Covering all operating environments and insider threats? Meeting regulatory compliance requirements? 1 2 3 2 Where is YOUR Focus?
  • 10. Intel and the Intel and McAfee logosare trademarksof Intel Corporation inthe US and/or other countries. Other marksand brands may be claimed asthe property of others. The product plans, specificationsand descriptionsherein are provided for information only and subject to changewithout notice, andare provided without warranty of any kind, expressor implied. Copyright © 2017 Intel Corporation.