© 2012 IBM Corporation
IBM Security Systems
Amplifying Security Intelligence
With Big Data and Advanced Analytics
Vijay Dheap
Global Product Manager, Master Inventor
Big Data Security Intelligence & Mobile Security
Welcome to a Not So Friendly Cyber World…
Biggest Bank Heist in History Nets $45Million
All without setting foot in a Bank…
Cyber Espionage via Social Networking Sites
Target: US DOD Officials
Hidden Malware Steals 3000 Confidential Documents
– Japanese Ministry
Playing Defense…
Traditional Approach to Security Predicated on a Defensive Mindset
Assumes explicit organizational perimeter
Optimized for combating external threats
Presumes standardization mitigates risk
Dependent on general awareness of attack methodologies
Requires monitoring and control of traffic flows
Layered Defenses Essential for Good Security Hygiene and Addressing Traditional
Security Threats…but attackers adapting too
Origins of Security Intelligence
Business Change is Coming…If Not Already Here
Enterprises are Undergoing Dynamic Transformations
The Organization’s Cyber Perimeter is Being Blurred…It can no longer be assumed
Evolving Attack Tactics…Focus on Breaching Defenses
A Look at the Emerging Threat Landscape
Targeted, Persistent, Clandestine
Situational, Subversive, Unsanctioned
Focused, Well-Funded, Scalable
Topical, Disruptive, Public
Concealed, Motivated, Opportunistic
Incorporating a More Proactive Mindset to Enterprise Security
Detect, Analyze & Remediate (Targeted)
Think like an attacker, counter intelligence mindset
Protect high value assets
Emphasize the data
Harden targets and weakest links
Use anomaly-based detection
Baseline system behavior
Consume threat feeds
Collect everything
Automate correlation and analytics
Gather and preserve evidence
Audit, Patch & Block (Broad)
Think like a defender, defense-in-depth mindset
Protect all assets
Emphasize the perimeter
Patch systems
Use signature-based detection
Scan endpoints for malware
Read the latest news
Collect logs
Conduct manual interviews
Shut down systems
Greater Need for Security Intelligence…
Visibility across organizational security systems to improve response times and
incorporate adaptability/flexibility required for early detection of threats or risky behaviors
Diversity & Sophistication of Attacks Placing Greater Demands…
1. Analyze a variety of non-traditional and unstructured datasets
2. Significantly increase the volume of data stored for forensics and historic analysis
3. Visualize and query data in new ways
4. Integrate with my current operations
Amplify Security Intelligence with New Insights from Big Data
Big Data Analytics
Logs
Events
Alerts
Traditional Security Operations and Technology
Configuration information
System audit trails
External threat intelligence feeds
Network flows and anomalies
Identity context
Web page text
Full packet and DNS captures
E-mail and social activity
Business process data
Customer transactions
Big Data Brings New Considerations & Empowers Powerful Analysis
Storage and Processing
Collection and integration
Size and speed
Enrichment and correlation
Analytics and Workflow
Visualization
Unstructured analysis
Learning and prediction
Customization
Sharing and export
Transforming Data to Insights Requires Some Infrastructure Considerations
Use Cases
Security Intelligence From Real-time Processing of Big Data
Behavior monitoring and flow analytics
Activity and data access monitoring
Stealthy malware detection
Irrefutable Botnet Communication: Layer 7 flow data shows botnet command and control instructions
Improved Breach Detection: 360-degree visibility helps distinguish true breaches from benign activity, in real-time
Network Traffic Doesn’t Lie: Attackers can stop logging and erase their tracks, but can’t cut off the network (flow data)
Security Intelligence with Investigative Analysis of Big Data:
Hunting for External Command & Control (C&C) Domains of an Attacker
Advanced analytics identify suspicious domains
Why only a few hits across the entire organization to these domains?
Correlating to public DNS registry information increases suspicions
Historical analysis of DNS activity within organization
Automate correlation against external DNS registries
Enrich Real-Time Analysis with Insights from Investigative Analysis
Monitor & Thwart Connections to Potential C&C Domains of an Attacker
Correlate against network activity and visualize
View real-time data and look for active connections
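Added example, not part of the original slides and not IBM product code: a minimal Python sketch of the two use cases above, flagging domains that only a few internal hosts ever queried and that registry data shows as newly registered or unknown, then matching the resulting watchlist against live flows. All records are constructed sample data; the REGISTRY dictionary stands in for an external registry lookup, the thresholds are illustrative, and taking the last two labels as the registered domain is a simplification (a public-suffix list is needed in practice).

```python
from collections import defaultdict
from datetime import date

# Constructed sample data: historical DNS queries as (day, client_ip, name).
DNS_HISTORY = [
    ("2012-10-01", "10.0.1.11", "www.example.com."),
    ("2012-10-01", "10.0.1.12", "www.example.com"),
    ("2012-10-01", "10.0.1.13", "mail.example.com"),
    ("2012-10-02", "10.0.1.14", "WWW.Example.com"),
    ("2012-10-02", "10.0.1.11", "cdn.example.net"),
    ("2012-10-02", "10.0.1.12", "cdn.example.net"),
    ("2012-10-02", "10.0.1.13", "cdn.example.net"),
    ("2012-10-03", "10.0.1.12", "update.rare-one.test"),
    ("2012-10-04", "10.0.1.12", "update.rare-one.test"),
    ("2012-10-05", "10.0.1.14", "portal.rare-two.test"),
    ("2012-10-05", "10.0.1.11", "files.rare-three.test"),
]

# Constructed stand-in for external registry data: domain -> creation date.
# rare-three.test is deliberately absent to exercise the "no record" path.
REGISTRY = {
    "example.com": "1995-08-14",
    "example.net": "1995-08-14",
    "rare-one.test": "2012-09-28",
    "rare-two.test": "2004-03-02",
}

# Constructed live flow records as (time, src_ip, destination_name).
# Assumes flows are already annotated with the name that was resolved.
FLOWS = [
    ("12:00:01", "10.0.1.12", "update.rare-one.test"),
    ("12:00:02", "10.0.1.20", "www.example.com"),
    ("12:00:05", "10.0.1.31", "update.rare-one.test."),
    ("12:00:09", "10.0.1.14", "portal.rare-two.test"),
]

AS_OF = date(2012, 10, 6)  # analysis date for the constructed data


def registered_domain(qname):
    """Normalise case and trailing dot, keep the last two labels (simplified)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def hosts_per_domain(history):
    """Map each registered domain to the set of internal clients that queried it."""
    seen = defaultdict(set)
    for _day, client, qname in history:
        seen[registered_domain(qname)].add(client)
    return seen


def hunt(history, registry, as_of, max_hosts=1, young_days=30):
    """Return {domain: reason} for rarely queried domains whose registry
    data is missing or shows a recent creation date."""
    findings = {}
    for domain, clients in hosts_per_domain(history).items():
        if len(clients) > max_hosts:
            continue  # widely used inside the organization: not rare
        created = registry.get(domain)
        if created is None:
            findings[domain] = "no registration record"
            continue
        age = (as_of - date.fromisoformat(created)).days
        if age <= young_days:
            findings[domain] = f"registered {age} days before analysis"
    return findings


def active_connections(watchlist, flows):
    """Return (src_ip, domain) for live flows that touch a watchlisted domain."""
    hits = []
    for _time, src, dest in flows:
        domain = registered_domain(dest)
        if domain in watchlist:
            hits.append((src, domain))
    return hits


if __name__ == "__main__":
    watchlist = hunt(DNS_HISTORY, REGISTRY, AS_OF)
    for domain, reason in sorted(watchlist.items()):
        print(f"suspicious: {domain} ({reason})")
    for src, domain in active_connections(watchlist, FLOWS):
        print(f"active connection: {src} -> {domain}")
```

In the constructed flows, 10.0.1.31 never appears in the DNS history, which is the point of feeding the investigative result back into real-time monitoring.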
Security Intelligence with Investigative Analysis of Big Data:
Pursue Active Spear-Phishing Campaigns Targeting the Organization
Employ Big Data analytics on email to find patterns that identify targets and redirects
Build visualizations, such as heat maps, to view top targets of a spear-phishing attack
Load spear-phishing targets and redirect URLs into real-time security intelligence analysis to thwart the attack
IBM Security Intelligence Solution with Big Data
High Volume Security Events and Network Activity
IBM QRadar Big Data Capabilities | Customer Results
New SIEM appliances with massive scale | Quickly find critical insights among 1000s of devices and years of data
Payload indexing for rapid ad hoc query leveraging a purpose-built data store | Search 7M+ events in <0.2 sec
Google-like Instant Search of large data sets (both logs and flows) | Instant, free-text searching for easier and faster forensics
Intelligent data policy management | Granular management of log and flow data
Advanced Threat Visualization and Impact Analysis | Attack path visualization and device / interface mapping
High Priority Security Offenses
QRadar uses Big Data capabilities to identify critical security events
Data ingest
Insights
IBM Security QRadar
• Hadoop-based
• Enterprise-grade
• Any data / volume
• Data mining
• Ad hoc analytics
• Data collection and enrichment
• Event correlation
• Real-time analytics
• Offense prioritization
Big Data Platform
Custom Analytics
Traditional data sources
IBM InfoSphere BigInsights
Non-traditional
Security Intelligence Platform
Extending the Big Data Support of QRadar
Advanced Threat Detection
Integrated analytics and exploration in a new architecture
InfoSphere BigInsights - flexible, enterprise-class solution for
processing large volumes of data
Enterprise Value
Core Hadoop
BigInsights Basic Edition
BigInsights Enterprise Edition
Free download with web support
Limit to <= 10 TB of data
(Optional: 24x7 paid support Fixed Term License)
Professional Services Offerings
QuickStart, Bootcamp, Education, Custom Development
Enterprise-grade features
Tiered terabyte-based pricing
Easy installation and programming
• Analytics tooling / visualization
• Recoverability security
• Administration tooling
• Development tooling
• Flexible storage
• High availability
For IBM, Security and Business Intelligence offer insightful parallels
Find out more about Security Intelligence with Big Data
Visit the website
Watch the video
Read the white paper
Develop a richer understanding of big data
– Understanding Big Data eBook
– Harness the Power of Big Data eBook
Download some collateral
– Security Intelligence white paper
– QRadar SIEM data sheet
– InfoSphere BigInsights data sheet
ibm.com/security
© Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response
to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated
or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure
and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to
be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,
products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

Future of Power: Big Data - Søren Ravn
Future of Power: Big Data - Søren RavnFuture of Power: Big Data - Søren Ravn
Future of Power: Big Data - Søren Ravn
 
Future of Power: IBM PureFlex - Kim Mortensen
Future of Power: IBM PureFlex - Kim MortensenFuture of Power: IBM PureFlex - Kim Mortensen
Future of Power: IBM PureFlex - Kim Mortensen
 
Future of Power: IBM Trends & Directions - Erik Rex
Future of Power: IBM Trends & Directions - Erik RexFuture of Power: IBM Trends & Directions - Erik Rex
Future of Power: IBM Trends & Directions - Erik Rex
 
Future of Power: Håndtering af nye teknologier - Kim Escherich
Future of Power: Håndtering af nye teknologier - Kim EscherichFuture of Power: Håndtering af nye teknologier - Kim Escherich
Future of Power: Håndtering af nye teknologier - Kim Escherich
 
Future of Power - Lars Mikkelgaard-Jensen
Future of Power - Lars Mikkelgaard-JensenFuture of Power - Lars Mikkelgaard-Jensen
Future of Power - Lars Mikkelgaard-Jensen
 

Recently uploaded

Authentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto RicoAuthentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto Rico
Corey Perlman, Social Media Speaker and Consultant
 
Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024
FelixPerez547899
 
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Boris Ziegler
 
Training my puppy and implementation in this story
Training my puppy and implementation in this storyTraining my puppy and implementation in this story
Training my puppy and implementation in this story
WilliamRodrigues148
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
NZSG
 
BeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdfBeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdf
DerekIwanaka1
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Lviv Startup Club
 
Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024
Kirill Klimov
 
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdfModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
fisherameliaisabella
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdf
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdfBài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdf
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdf
daothibichhang1
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
RajPriye
 
Auditing study material for b.com final year students
Auditing study material for b.com final year  studentsAuditing study material for b.com final year  students
Auditing study material for b.com final year students
narasimhamurthyh4
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
JeremyPeirce1
 
An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.
Any kyc Account
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
Lviv Startup Club
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
dylandmeas
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...
balatucanapplelovely
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
Nicola Wreford-Howard
 

Recently uploaded (20)

Authentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto RicoAuthentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto Rico
 
Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024Company Valuation webinar series - Tuesday, 4 June 2024
Company Valuation webinar series - Tuesday, 4 June 2024
 
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
 
Training my puppy and implementation in this story
Training my puppy and implementation in this storyTraining my puppy and implementation in this story
Training my puppy and implementation in this story
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
 
BeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdfBeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdf
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
 
Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024
 
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdfModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdf
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdfBài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdf
Bài tập - Tiếng anh 11 Global Success UNIT 1 - Bản HS.doc.pdf
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
 
Auditing study material for b.com final year students
Auditing study material for b.com final year  studentsAuditing study material for b.com final year  students
Auditing study material for b.com final year students
 
Top mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptxTop mailing list providers in the USA.pptx
Top mailing list providers in the USA.pptx
 
An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
 

Big Data - Amplifying Security Intelligence

  • 1. © 2012 IBM Corporation. IBM Security Systems. Amplifying Security Intelligence With Big Data and Advanced Analytics. Vijay Dheap, Global Product Manager, Master Inventor, Big Data Security Intelligence & Mobile Security.
  • 2. Welcome to a Not So Friendly Cyber World… Biggest Bank Heist in History Nets $45 Million, All without setting foot in a Bank… Cyber Espionage via Social Networking Sites, Target: US DOD Officials. Hidden Malware Steals 3000 Confidential Documents – Japanese Ministry.
  • 3. Playing Defense… Traditional Approach to Security Predicated on a Defensive Mindset: Assumes explicit organizational perimeter; Optimized for combating external threats; Presumes standardization mitigates risk; Dependent on general awareness of attack methodologies; Requires monitoring and control of traffic flows. Layered Defenses Essential for Good Security Hygiene and Addressing Traditional Security Threats…but attackers adapting too. Origins of Security Intelligence.
  • 4. Business Change is Coming…If Not Already Here. Enterprises are Undergoing Dynamic Transformations. The Organization’s Cyber Perimeter is Being Blurred…It can no longer be assumed.
  • 5. Evolving Attack Tactics…Focus on Breaching Defenses
  • 6. A Look at the Emerging Threat Landscape: Targeted, Persistent, Clandestine; Situational, Subversive, Unsanctioned; Focused, Well-Funded, Scalable; Topical, Disruptive, Public; Concealed, Motivated, Opportunistic.
  • 7. Incorporating a More Proactive Mindset to Enterprise Security. Audit, Patch & Block: Think like a defender, defense-in-depth mindset; Protect all assets; Emphasize the perimeter; Patch systems; Use signature-based detection; Scan endpoints for malware; Read the latest news; Collect logs; Conduct manual interviews; Shut down systems. Detect, Analyze & Remediate: Think like an attacker, counter intelligence mindset; Protect high value assets; Emphasize the data; Harden targets and weakest links; Use anomaly-based detection; Baseline system behavior; Consume threat feeds; Collect everything; Automate correlation and analytics; Gather and preserve evidence. Axis labels: Broad, Targeted.
  • 8. Greater Need for Security Intelligence… Visibility across organizational security systems to improve response times and incorporate adaptability/flexibility required for early detection of threats or risky behaviors.
  • 9. Diversity & Sophistication of Attacks Placing Greater Demands… 1. Analyze a variety of non-traditional and unstructured datasets 2. Significantly increase the volume of data stored for forensics and historic analysis 3. Visualize and query data in new ways 4. Integrate with my current operations. Amplify Security Intelligence with New Insights from Big Data. Diagram labels: Big Data Analytics; Logs; Events; Alerts; Traditional Security Operations and Technology; Configuration information; System audit trails; External threat intelligence feeds; Network flows and anomalies; Identity context; Web page text; Full packet and DNS captures; E-mail and social activity; Business process data; Customer transactions.
  • 10. Big Data Brings New Considerations & Empowers Powerful Analysis. Storage and Processing: Collection and integration; Size and speed; Enrichment and correlation. Analytics and Workflow: Visualization; Unstructured analysis; Learning and prediction; Customization; Sharing and export. Transforming Data to Insights Requires Some Infrastructure Considerations.
  • 11. © 2011 IBM Corporation. IBM Confidential. IBM Security Strategy. Confidential – for division executives only. Use Cases
  • 12. Security Intelligence From Real-time Processing of Big Data. Behavior monitoring and flow analytics; Activity and data access monitoring; Stealthy malware detection. Irrefutable Botnet Communication: Layer 7 flow data shows botnet command and control instructions. Improved Breach Detection: 360-degree visibility helps distinguish true breaches from benign activity, in real-time. Network Traffic Doesn’t Lie: Attackers can stop logging and erase their tracks, but can’t cut off the network (flow data).
  • 13. Security Intelligence with Investigative Analysis of Big Data: Hunting for External Command & Control (C&C) Domains of an Attacker. Advanced analytics identify suspicious domains. Why only a few hits across the entire organization to these domains? Correlating to public DNS registry information increases suspicions. Historical analysis of DNS activity within organization. Automate correlation against external DNS registries.
  • 14. Enrich Real-Time Analysis with Insights from Investigative Analysis: Monitor & Thwart Connections to Potential C&C Domains of an Attacker. Correlate against network activity and visualize. View real-time data and look for active connections.
  • 15. Security Intelligence with Investigative Analysis of Big Data: Pursue Active Spear-Phishing Campaigns Targeting the Organization. Employ Big Data Analytics on email to find patterns that identify targets and redirects. Build visualizations, such as heat maps, to view top targets of a spear-phishing attack. Load spear-phishing targets and redirect URLs into real-time security intelligence analysis to thwart the attack.
  • 16. IBM Security Intelligence Solution with Big Data
  • 17. QRadar uses Big Data capabilities to identify critical security events. Input: High Volume Security Events and Network Activity. Output: High Priority Security Offenses. IBM QRadar Big Data Capabilities and Customer Results: New SIEM appliances with massive scale: quickly find critical insights among 1000s of devices and years of data. Payload indexing for rapid ad hoc query leveraging a purpose-built data store: search 7M+ events in <0.2 sec. Google-like Instant Search of large data sets (both logs and flows): instant, free-text searching for easier and faster forensics. Intelligent data policy management: granular management of log and flow data. Advanced Threat Visualization and Impact Analysis: attack path visualization and device / interface mapping.
  • 18. Extending the Big Data Support of QRadar. Security Intelligence Platform, IBM Security QRadar: Data collection and enrichment; Event correlation; Real-time analytics; Offense prioritization. Big Data Platform, IBM InfoSphere BigInsights: Hadoop-based; Enterprise-grade; Any data / volume; Data mining; Ad hoc analytics. Other diagram labels: Data ingest; Insights; Custom Analytics; Traditional data sources; Non-traditional; Advanced Threat Detection.
  • 19. Integrated analytics and exploration in a new architecture
  • 20. InfoSphere BigInsights - flexible, enterprise-class solution for processing large volumes of data. Diagram (axis: Enterprise Value): Core Hadoop; BigInsights Basic Edition; BigInsights Enterprise Edition. Free download with web support; Limit to <= 10 TB of data (Optional: 24x7 paid support, Fixed Term License). Professional Services Offerings: QuickStart, Bootcamp, Education, Custom Development. Enterprise-grade features; Tiered terabyte-based pricing; Easy installation and programming; Analytics tooling / visualization; Recoverability security; Administration tooling; Development tooling; Flexible storage; High availability.
  • 21. For IBM, Security and Business Intelligence offer insightful parallels
  • 22. Find out more about Security Intelligence with Big Data: Visit the website; Watch the video; Read the white paper. Develop a richer understanding of big data: Understanding Big Data eBook; Harness the Power of Big Data eBook. Download some collateral: Security Intelligence white paper; QRadar SIEM data sheet; InfoSphere BigInsights data sheet.
  • 23. ibm.com/security © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access.
IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
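
The hunt described on slide 13 (domains with only a few hits across the organization, then correlated with public DNS registry information) can be sketched as follows. This is an added example, not code from the IBM deck or from QRadar; the log format, the registry table, the `.example` domains and both thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed sample of historical DNS query logs: "date client_ip queried_name".
DNS_LOG = """\
2013-05-01 10.0.0.11 www.corp-portal.example
2013-05-01 10.0.0.12 www.corp-portal.example
2013-05-01 10.0.0.13 mail.corp-portal.example
2013-05-01 10.0.0.14 www.corp-portal.example
2013-05-02 10.0.0.11 cdn.news-site.example
2013-05-02 10.0.0.12 cdn.news-site.example
2013-05-02 10.0.0.13 www.news-site.example
2013-05-02 10.0.0.14 a1.fresh-sync.example
2013-05-03 10.0.0.14 b2.fresh-sync.example
2013-05-04 10.0.0.14 c3.fresh-sync.example
2013-05-03 10.0.0.11 docs.old-vendor.example
malformed line without enough fields
"""

# Constructed stand-in for a public DNS registry lookup: domain -> creation date.
REGISTRY = {
    "corp-portal.example": date(2005, 3, 1),
    "news-site.example": date(2009, 7, 15),
    "fresh-sync.example": date(2013, 4, 28),
    "old-vendor.example": date(2001, 1, 10),
}


def registered_domain(name):
    # Assumption: the last two labels are the registered domain.
    # Real data needs the Public Suffix List to get this right.
    labels = name.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def parse(log_text):
    """Yield (day, client, registered_domain), skipping lines that do not parse."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            day = date.fromisoformat(parts[0])
        except ValueError:
            continue
        yield day, parts[1], registered_domain(parts[2])


def hunt(log_text, registry, max_clients=1, young_days=30):
    """Rank rarely queried domains; young or unknown registrations rank higher."""
    clients, hits, first_seen = defaultdict(set), defaultdict(int), {}
    for day, client, domain in parse(log_text):
        clients[domain].add(client)
        hits[domain] += 1
        first_seen[domain] = min(day, first_seen.get(domain, day))

    findings = []
    for domain, who in clients.items():
        if len(who) > max_clients:
            continue  # queried across the organization: not a rare domain
        reasons = [f"only {len(who)} client(s), {hits[domain]} hit(s)"]
        created = registry.get(domain)
        if created is None:
            reasons.append("no registry record")
        else:
            age = (first_seen[domain] - created).days
            if age <= young_days:
                reasons.append(f"registered {age} day(s) before first query")
        findings.append({"domain": domain, "clients": sorted(who),
                         "score": len(reasons), "reasons": reasons})
    return sorted(findings, key=lambda f: (-f["score"], f["domain"]))


if __name__ == "__main__":
    for finding in hunt(DNS_LOG, REGISTRY):
        print(finding["score"], finding["domain"], "; ".join(finding["reasons"]))
```

A rare domain with an old registration still appears in the output with a lower score, which leaves the analyst to decide whether it is a niche vendor or worth a closer look.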