Cisco connect winnipeg 2018 accelerating incident response in organizations of any size

•

0 likes•1,309 views

This document discusses accelerating incident response for organizations of any size. It outlines typical incident response workflows and how current security infrastructure like antivirus and firewalls can generate many alerts that are difficult to investigate. The presentation then shows how Cisco's security products like Email Security, Umbrella, AMP, ThreatGrid, and others can be integrated to provide automated hunting and 30+ days of recorded network history to accelerate incident response investigations. Examples of incident response scenarios are also presented. Attendees are invited to try out the tools themselves.

Technology

© 2016 Cisco and/or its affiliates. All rights reserved. 1
Accelerating Incident
Response in organizations
of Any Size
April, 2018
Sean Earhard
Advanced Threat Solution Specialist
Jean-Paul Kerouanton
Advanced Threat Solution CSE

2© 2016 Cisco and/or its affiliates. All rights reserved.
9:36AM

3© 2016 Cisco and/or its affiliates. All rights reserved.
How does your current security
infrastructure help you respond to
incidents?

4© 2016 Cisco and/or its affiliates. All rights reserved.
ANTIVIRUS
ANTIVIRUS
Vendors pumping out
update after update
after update after
update…
Firewall
Web filter
Email filter
ANTIVIRUS SERVER
consoles pumping out
alert after alert after alert
after alert…
! ! ! !

5© 2016 Cisco and/or its affiliates. All rights reserved.
Typical Incident Response workflow

6© 2016 Cisco and/or its affiliates. All rights reserved.
INVESTIGATE
INCIDENTS
RECOVER
IMPROVE
DEFENSE
REDUCE THE
ATTACK
SURFACE
ALERTS
SECURITY
ARCHITECTURE
BLOCK

7© 2016 Cisco and/or its affiliates. All rights reserved.
What we will show today

8© 2016 Cisco and/or its affiliates. All rights reserved.

9© 2016 Cisco and/or its affiliates. All rights reserved.
Email
Security
ThreatGrid
Umbrella
SIG
Cisco ISE
NextGen
Firewall
Email
Security
AMP for
Endpoints
AMP
AMP
AMP
AMP
Cisco ISE
Umbrella
Investigate
AMP AMP
CISCO
TALOS

10© 2016 Cisco and/or its affiliates. All rights reserved.
Cisco ISE
NextGen
Firewall
Cisco ISE
Email
Security
AMP for
Endpoints
Cisco ISE
Cisco ISE
ThreatGrid
Umbrella
SIG
Cisco ISE
NextGen
Firewall
Email
Security
AMP for
Endpoints
CISCO
TALOS
AMP
AMP
AMP
AMP
Umbrella
Investigate
AMP AMP
30+ day recorded history =
accelerated IR
Continuous analysis of that
recorded history =
automated hunting

11© 2016 Cisco and/or its affiliates. All rights reserved.
COGNITIVE
THREAT
ANALYTICS
EMAIL
WEB
FIREWALL
MERAKI
UMBRELLA
THREATGRID
Blocking
AMP
Endpoint
AMP

12© 2016 Cisco and/or its affiliates. All rights reserved.
Today’s IR scenarios

13© 2016 Cisco and/or its affiliates. All rights reserved.
Want to try it out yourself?

Today's advanced threats hide in plain sight, patiently waiting to strike, challenging security teams to track their progress across their network and endpoints. Meanwhile, executive and board-level reporting requirements are increasing as leadership demands in-depth answers that are unavailable from today’s block/allow security tools. With 55% of organizations unable to identify the origin of their last security breach, it’s time to stop relying on tools that define security based on what they see ‘out there’ and instead hunt for threats by tracking files, file relationships, and both endpoint and network behavior ‘in here’—inside your environment. In the first part of this interactive session, learn how Cisco’s Advanced Malware Protection (AMP) solutions use big data analytics to compare a real-time, dynamic history of your environment to the global threat landscape, automatically uncovering and blocking advanced threats before they strike. Then watch workflow examples demonstrating how your security team can use this advanced visibility and control to dramatically improve their efficiency and finally deliver the business 100% confidence answers.

Cisco ThreatGrid: Malware Analysis and Threat Intelligence

Cisco Canada

We will present the details of the Cisco's 2016 Annual Security report with emphasis on the Canadian landscape. The Cisco 2016 Annual Security Report; which presents research, insights, and perspectives from Cisco Security Research & highlights the challenges that defenders face in detecting and blocking attackers who employ a rich and ever-changing arsenal of tools. The report also includes research from external experts, such as Level 3 Threat Research Labs, to help shed more light on current threat trends. We take a close look at data compiled by Cisco researchers to show changes over time, provide insights on what this data means, and explain how security professionals should respond to threats.

Cisco Connect Toronto 2017 - Anatomy-of-attack

Cisco Canada

Presentación - Cisco ASA with FirePOWER Services

Oscar Romano

En la medida que más empresas mueven sus modelos de negocio hacia la movilidad, la nube e Internet de las cosas, sus soluciones de seguridad deben ser más dinámicas y escalables. Sin embargo, hasta la fecha, la mayoría de las soluciones de seguridad no han seguido el ritmo de cambio y no han podido adaptarse a las nuevas amenazas y ataques. Hoy, las soluciones de seguridad están basadas en un modelo binario de “bien vs mal”, el cual carece de la visibilidad necesaria para entender el contexto. El 16 de septiembre, Cisco dio a conocer su más reciente paso en esta dirección.

Presentation cisco cloud security strategy

xKinAnx

Talk2 esc4 muscl-ids_v1_2

Sylvain Martinez

Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker

Cisco Canada

Cisco Connect Vancouver 2017 - Anatomy of Attack

Cisco Canada

Cisco Security Architecture

Cisco Canada

IPS Best Practices

Heather Axworthy

TechWiseTV Workshop: OpenDNS and AnyConnect

Robb Boyd

Cisco ASA con fire power services

Felipe Lamus

Cisco Security Presentation

Simplex

As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats on the internet, protecting all your users within minutes. Cisco Advanced Malware Protection offers global threat intelligence, advanced sandboxing and real-time malware blocking to prevent breaches while it continuously analyzes file activity across your network, so that you can quickly detect, contain and remove advanced malware. Presentation of Cisco Security Architecture and Solutions such as Cisco Advanced Malware Protection (AMP) and Cisco Umbrella during Simplex-Cisco Technology Session that took place at the Londa Hotel in Limassol on 14 March 2018.

Ot ics cyberattaques dans les organisations industrielles

Cisco Canada

Cisco amp for meraki

Cisco Canada

ASA Firepower NGFW Update and Deployment Scenarios

Cisco Canada

This session will focus on typical deployment scenarios for the Adaptive Security Appliance family running FirePower Services. Also, a feature overview and comparison of the ASA with Firepower services and the new Firepower Threat Defense (FTD) image will be included with updates on the new Firepower hardware platform. Deployment use cases will include Internet Edge, various segmentation scenarios, and VPN. A configuration walk-through and accepted best practices will be covered. This session is designed for existing ASA customers and targets the security and network engineer. They will learn the benefit of a FirePower NGFW in network edge and Internet use cases

Hillstone-Corporate-Overview-EN-V3.0Shamal Abeyrathne

Building Up Network Security: Intrusion Prevention and Sourcefire

Global Knowledge Training

Network security specialist Catherine Paquetl fills you in on advanced threat protection that integrates real-time contextual awareness, intelligent security automation and superior performance with industry-leading network intrusion prevention, Sourcefire. ABOUT THE PRESENTER Catherine Paquet, CCSI, CCNP Security, CCNP Routing and Switching, is a network security specialist. She began her internetworking career as a LAN manager, then MAN manager, and eventually became a nationwide WAN manager with the Department of National Defence. Paquet lectures around the world on security topics, including firewalls, VPNs, intrusion prevention, identity systems, email and Web security, and router and switch security. During her spare time, she authors Cisco Press books, and she volunteers as a network security analyst to nonprofit organizations. Paquet attended the Royal Military College Saint-Jean (Canada) and holds an MBA in Management Information Systems (MIS) from York University.

Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool

Sylvain Martinez

What is an IDS? What is required for a successful implementation and utilisation? IDS can also be used for penetration testing activities, not just for defence purposes. See how! This was presented as part of the FIRST Technical Colloquium 2017 Conference in Mauritius on the 30th of November 2017. Feel free to contact us for more information. If you are reusing some of the slides or their content, can you please reference our website as the source: https://www.elysiumsecurity.com

Emerging Threats - The State of Cyber Security

Cisco Canada

The security threat landscape is constantly in flux as attackers evolve their skills and tactics. Cisco's Talos team specializes in early-warning intelligence and threat analysis necessary to help secure a network in light of this ever changing and growing threat landscape.Talos advances the overall efficacy of all Cisco security platforms by analyzing data feeds, collaborating with teams of security experts, and developing cutting-edge big data technology to identify security threats. In this talk we will perform deep analysis of recent threats and see how Talos leverages large data intelligence feeds to deliver product improvements and mitigation strategies.

Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...

Cisco Canada

Accelerating Incident Response in organizations of Any Size

Cisco Canada

Accelerating Incident Response in Organizations of Any Size

Cisco Canada

What's hot

Cisco's 2016 Annual Security report

Cisco Canada

Cisco Connect Toronto 2017 - Anatomy-of-attack

Cisco Canada

Presentación - Cisco ASA with FirePOWER Services

Oscar Romano

Presentation cisco cloud security strategy

xKinAnx

Talk2 esc4 muscl-ids_v1_2

Sylvain Martinez

Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker

Cisco Canada

Cisco Connect Vancouver 2017 - Anatomy of Attack

Cisco Canada

Cisco Security Architecture

Cisco Canada

IPS Best Practices

Heather Axworthy

TechWiseTV Workshop: OpenDNS and AnyConnect

Robb Boyd

Cisco ASA con fire power services

Felipe Lamus

Cisco Security Presentation

Simplex

Ot ics cyberattaques dans les organisations industrielles

Cisco Canada

Cisco amp for meraki

Cisco Canada

ASA Firepower NGFW Update and Deployment Scenarios

Cisco Canada

Hillstone-Corporate-Overview-EN-V3.0Shamal Abeyrathne

Building Up Network Security: Intrusion Prevention and Sourcefire

Global Knowledge Training

Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool

Sylvain Martinez

Emerging Threats - The State of Cyber Security

Cisco Canada

Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...

Cisco Canada

What's hot (20)

Cisco's 2016 Annual Security report

Cisco Connect Toronto 2017 - Anatomy-of-attack

Presentación - Cisco ASA with FirePOWER Services

Presentation cisco cloud security strategy

Talk2 esc4 muscl-ids_v1_2

Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker

Cisco Connect Vancouver 2017 - Anatomy of Attack

Cisco Security Architecture

IPS Best Practices

TechWiseTV Workshop: OpenDNS and AnyConnect

Cisco ASA con fire power services

Cisco Security Presentation

Ot ics cyberattaques dans les organisations industrielles

Cisco amp for meraki

ASA Firepower NGFW Update and Deployment Scenarios

Hillstone-Corporate-Overview-EN-V3.0

Building Up Network Security: Intrusion Prevention and Sourcefire

Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool

Emerging Threats - The State of Cyber Security

Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...

Similar to Cisco connect winnipeg 2018 accelerating incident response in organizations of any size

Accelerating Incident Response in organizations of Any Size

Cisco Canada

Accelerating Incident Response in Organizations of Any Size

Cisco Canada

Accelerating incident response in organizations of any size

Cisco Canada

Putting firepower into the next generation firewall

Cisco Canada

Intelligent Cybersecurity for the Real World

NetCraftsmen

Security and Virtualization in the Data Center

Cisco Canada

The evolving complexity of the data center is placing increased demand on the network and security teams to come up with inventive methods for enforcing security policies in these ever-changing environments. The goal of this session is to provide participants with an understanding of features and design recommendations for integrating security into the data center environment. This session will focus on recommendations for securing next-generation data center architectures. Areas of focus include security services integration, leveraging device virtualization, and considerations and recommendations for server virtualization. The target audience are security and data center administrators.

Recovering Your Customers From Ransomware Without Paying Ransom

Solarwinds N-able

Join SolarWinds N-able and StorageCraft to learn about getting a leg up on ransomware to keep your customers’ data safe and satisfied with your service. Recovering Your Customers From Ransomware Without Paying Ransom. No matter how strong your security management, ransomware continues to loom as a serious and credible threat to your customers’ data. Once your customer has fallen victim, they will look to you for help and expect results quickly. As an MSP delivering IT Services to your customers, at no time is your performance more important than in a recovery situation and your relationship with your customers is fully dependent on how quickly you can make your customer whole again. Join us for this webinar and you’ll learn: • Why backups are the best protection from ransomware threats • How ransomware can compromise your backups and lock up your data • Best practices on isolating backups from the threat of ransomware • Fast, simple recovery techniques for getting data and systems back online without paying ransom!

[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...

PROIDEA

As the SOC Manager with Cisco Active Threat Analytics (ATA), Gawel is responsible for building, growing and operating Cisco Managed Security Services SOC in Krakow, Poland and Tokyo, Japan. Before that, Gawel spent half a decade in various Architect and Consulting Security roles at Cisco. He holds numerous industry certificates, including CCIE #24987, CISSP-ISSAP, CISA, C|EH and SFCE. Gawel is a frequent speaker at IT events, such as Cisco Live! Europe/Australia, PLNOG, EuroNOG, Security B-Sides, CONFidence, Cisco Connect, Cisco Expo and Cisco Forum. Before Gawel has joined Cisco, he was a UNIX System Administrator and a Systems Engineer with one of the leading system integrators in Poland. He was also a Cisco Networking Academy Instructor. Gawel graduated from Warsaw University of Technology with degree in Telecommunications.

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk

Splunk for Enterprise Security Featuring UBA

Splunk

This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.

8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security

BGA Cyber Security

Scalar Security Roadshow - Toronto Presentation

Scalar Decisions

Upgrading Your Firewall? Its Time for an Inline Security Fabric

Rahul Neel Mani

Learn how to use an Analytics-Driven SIEM for your Security Operations

Splunk

Join our Security Experts and learn about our Analytics-Driven SIEM, Splunk Enterprise Security (ES) in a live, hands-on session. You will start off with a hands-on tour of Splunk's award-winning SIEM, Splunk Enterprise Security and understand its key frameworks and its unique capabilities. Then, you will work on hands-on exercises that involve threat detection, incident investigation and how to take rapid responses using data from a range of sources such as threat list intelligence feeds, endpoint activity logs, e-mail logs, and web logs. This session is a must session for all security practitioners.

Forcepoint - Analýza chování uživatelů

MarketingArrowECS_CZ

комплексная защита от современных интернет угроз с помощью Check point sandblast

Diana Frolova

Next Generation Security

Cisco Canada

BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...

BGA Cyber Security

ThreadFix and SD Elements Unifying Security Requirements and Vulnerability Ma...

Denim Group

Effective application security programs both highlight security requirements early in the development process and manage vulnerabilities throughout the development lifecycle. This webinar demonstrates how the SD Elements security requirements automation system can be integrated with the ThreadFix vulnerability resolution platform to provide end-to-end tracking throughout the SDLC. The combination increases both developer and security team productivity by providing a seamless way to enumerate security specifications and track development teams success in meeting these obligations, and the presentation provides insight into how the integrated system reduces the cost of developing and maintaining secure applications.

Similar to Cisco connect winnipeg 2018 accelerating incident response in organizations of any size (20)

Accelerating Incident Response in organizations of Any Size

Accelerating Incident Response in Organizations of Any Size

Accelerating incident response in organizations of any size

Putting firepower into the next generation firewall

Intelligent Cybersecurity for the Real World

Security and Virtualization in the Data Center

Recovering Your Customers From Ransomware Without Paying Ransom

[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk for Enterprise Security Featuring UBA

8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security

Scalar Security Roadshow - Toronto Presentation

Upgrading Your Firewall? Its Time for an Inline Security Fabric

Learn how to use an Analytics-Driven SIEM for your Security Operations

Forcepoint - Analýza chování uživatelů

комплексная защита от современных интернет угроз с помощью Check point sandblast

Next Generation Security

BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...

ThreadFix and SD Elements Unifying Security Requirements and Vulnerability Ma...

Recently uploaded

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Bits & Pixels using AI for Good.........

Alison B. Lowndes

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

Recently uploaded (20)

Epistemic Interaction - tuning interfaces to provide information for AI support

DevOps and Testing slides at DASA Connect

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Bits & Pixels using AI for Good.........

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

GraphRAG is All You need? LLM & Knowledge Graph

Designing Great Products: The Power of Design and Leadership by Chief Designe...

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

The Art of the Pitch: WordPress Relationships and Sales

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Generating a custom Ruby SDK for your web service or Rails API using Smithy

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Connector Corner: Automate dynamic content and events by pushing a button

UiPath Test Automation using UiPath Test Suite series, part 4

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Essentials of Automations: Optimizing FME Workflows with Parameters

FIDO Alliance Osaka Seminar: Overview.pdf

UiPath Test Automation using UiPath Test Suite series, part 3

Cisco connect winnipeg 2018 accelerating incident response in organizations of any size

1. © 2016 Cisco and/or its affiliates. All rights reserved. 1 Accelerating Incident Response in organizations of Any Size April, 2018 Sean Earhard Advanced Threat Solution Specialist Jean-Paul Kerouanton Advanced Threat Solution CSE

4. 4© 2016 Cisco and/or its affiliates. All rights reserved. ANTIVIRUS ANTIVIRUS Vendors pumping out update after update after update after update… Firewall Web filter Email filter ANTIVIRUS SERVER consoles pumping out alert after alert after alert after alert… ! ! ! !

9. 9© 2016 Cisco and/or its affiliates. All rights reserved. Email Security ThreatGrid Umbrella SIG Cisco ISE NextGen Firewall Email Security AMP for Endpoints AMP AMP AMP AMP Cisco ISE Umbrella Investigate AMP AMP CISCO TALOS

10. 10© 2016 Cisco and/or its affiliates. All rights reserved. Cisco ISE NextGen Firewall Cisco ISE Email Security AMP for Endpoints Cisco ISE Cisco ISE ThreatGrid Umbrella SIG Cisco ISE NextGen Firewall Email Security AMP for Endpoints CISCO TALOS AMP AMP AMP AMP Umbrella Investigate AMP AMP 30+ day recorded history = accelerated IR Continuous analysis of that recorded history = automated hunting

Cisco connect winnipeg 2018 accelerating incident response in organizations of any size

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Cisco connect winnipeg 2018 accelerating incident response in organizations of any size

Similar to Cisco connect winnipeg 2018 accelerating incident response in organizations of any size (20)

More from Cisco Canada

More from Cisco Canada (20)

Recently uploaded

Recently uploaded (20)

Cisco connect winnipeg 2018 accelerating incident response in organizations of any size