1
@solarwinds
Why Your ObservabilITy Strategy Needs
Security ObservabilITy!
Glenn Lazarus
CEO
ATS Network Management
2
Digital Transformation Is Accelerating Across Organizations of All Sizes
TO HARNESS NEW GROWTH OPPORTUNITIES, ORGANIZATIONS ARE DOING THE FOLLOWING:
Leveraging multi-cloud deployments
Modernizing operations, apps, and databases
Supporting increasingly remote work
HOWEVER, SEVERE CHALLENGES ABOUND:
Stagnant IT budgets and resource constraints
Complexity, security, and productivity challenges
Stringent uptime and service-level agreement (SLA) requirements
3
Technology Landscapes Powering Transformation Are Increasingly Complex
Pain points: information silos and tool sprawl; high risk and cost; manual root cause analysis; poor service delivery; low productivity.
Scale: counts in the 100s to 1,000s across infrastructure nodes, applications, databases, and cloud services.
Drivers: modernization of apps and databases; DevOps, CloudOps, and AIOps teams; infrastructure as a service (IaaS), SD-WAN, secure access service edge (SASE); hybrid and multi-cloud and cloud-native.
Diagram: Data Center 1, Data Center 2, Branch Office, Cloud, and SaaS serving customers, partners, and employees, each watched by its own tooling (network vendor tools, app vendor tools, hardware vendor tools, a user vendor tool, a free cloud tool, and an open-source tool).
Note: Example of a single environment for an upper-mid-market customer.
4
Customer Challenges
Limited visibility across the technology stack
Tool sprawl requires staff to develop and maintain skills in different operating environments.
Multiple information sources add complexity and time to issue resolution, leading to operational inefficiencies.
Business services distributed across hybrid cloud environments present unique challenges for troubleshooting, optimization, and security.
Too many alerts can cause fatigue or be ignored, putting customer and end-user experience at risk.
Missed SLAs and service-level objectives (SLOs) can result in additional costs through fines.
Need greater control over complex systems
5
Monitoring Is the Foundation for Observability
Evolve from reactive monitoring of WHAT has happened (historically, or more like yesterday) to proactive observability into WHY something is happening, and gain actionable insights.
6
Observability trends for 2024
7
Simplify and extend
Hybrid Cloud Observability
Eliminate tool sprawl
Gain a unified solution with single-pane-of-glass monitoring and actionable intelligence
to help expedite problem resolution and enable proactive management across hybrid
environments.
Reduce alert fatigue and risk
Correlate problems that happened simultaneously on related devices with customizable
alerts to help enable faster remediation, reduce alert fatigue, and increase automation.
Gain deployment flexibility
Drive growth initiatives with flexible licensing, enabling you to purchase the nodes you
need and deploy however you need in your environment. Further your cloud
modernization efforts with flexible deployment options on-premises or self-hosted in the
cloud.
Be cloud-ready
Comprehensive observability across Hybrid Cloud Observability, empowering you to
integrate today and evolve as your business needs dictate.
Security
Help organizations better understand the complex vulnerabilities within their
environments while providing real-time visibility to help detect and remediate security
issues.
8
The fourth pillar of Observability - Security
Tracking the three pillars of observability—metrics, logs, and traces
Use the endless stream of telemetry data to identify security risks and vulnerabilities
Even the best-planned observability strategy is incomplete without the fourth pillar - security
Take the internal visibility observability provides, overlay it with security data, and extend eyes and ears into every corner of the IT environment
Established processes track and analyze the right telemetry data sources!
The strategy helps many businesses support the stability and performance of complex, distributed IT environments
9
The fourth pillar of Observability - Security
Identify, analyze, and categorize suspicious patterns or anomalies.
Security data (metadata from firewalls, threat detection, or traffic analyzers) is layered on top of telemetry data.
Correlating the data sets grants deeper visibility and context from which to infer system health and security integrity.
Viewing traffic spikes through a security data lens might unveil patterns indicating a brute-force attempt to access vital systems.
Include full-stack integration with cloud-based applications, networks, databases, and third-party security tools or monitoring solutions to improve cross-functional collaboration and ensure teams
• Incorporate AIOps, machine learning, and intelligent modeling capabilities designed to automatically correlate vast data volumes and help teams spot security anomalies and areas of interest in real time.
• Cut through the noise and make more informed decisions by focusing on critical issues.
Access to a single source of truth
10
The cost of a data breach in 2023
The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over 3 years. In South Africa it was almost R50 million (Tech Central).
51% of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools.
USD 1.76 million: the average savings for organizations that use security AI and automation extensively is USD 1.76 million compared to those that don’t (IBM research).
Estimated annual cost of cyber-attacks globally in 2024: USD 9.5 trillion (IBM research). A trillion is a 1 with 12 zeros after it, represented as 1,000,000,000,000; in rand, 180,000,000,000,000.
11
AI tools: opportunities or significant threats
Many of us have used Chat-GPT and other AI tools over the past year.
AI has exploded onto the digital landscape, and with its emergence come great opportunities and significant threats.
The power to use AI to automate and transform how we develop, operate, and grow our businesses is the most significant digital transformation since the emergence of the internet.
However, that very same power in the hands of cyber attackers means the threat level will increase and evolve into new and more invasive ways to penetrate cyber defenses.
12
Security ObservabilITy accessible to everyone
Cyber security needs to become accessible to everyone in the organization.
It's ultimately about finding faults in systems and processes and closing the gaps that attackers can exploit.
Cyber execs need to be open and conduct a campaign within their businesses to ensure they deliver knowledge and transparency about the role of cyber.
13
Hybrid Cloud Observability—Designed for Your Needs
Built-in intelligence: anomaly detection • event correlation • remediation • auto-instrumented recommendations • automation
Ensure compliance with automated configuration and change management and IP address management
Ensure SLAs with end-to-end visibility to pinpoint performance issues
Gain deep understanding of network paths across the entire delivery chain
Automatically detect and track devices and manage switch ports
Get powerful quickly understand your connected landscape
Gain understanding of the application and the underlying layers upon which it depends
14
Critical Security Controls - CIS Controls
The 18 CIS Critical Security Controls
Formerly the SANS Critical Security Controls (SANS Top 20), these are now officially called the CIS Critical Security Controls (CIS Controls).
CIS defines Controls by activities, rather than by who manages the devices.
Physical devices, fixed boundaries, and discrete islands of security implementation are less important.
15
The 18 CIS Critical Security Controls
CIS Control 1: Inventory and Control of Enterprise Assets
CIS Control 2: Inventory and Control of Software Assets
CIS Control 3: Data Protection
CIS Control 4: Secure Configuration of Enterprise Assets and Software
CIS Control 5: Account Management
CIS Control 6: Access Control Management
CIS Control 7: Continuous Vulnerability Management
CIS Control 8: Audit Log Management
CIS Control 9: Email and Web Browser Protections
CIS Control 10: Malware Defenses
CIS Control 11: Data Recovery
CIS Control 12: Network Infrastructure Management
CIS Control 13: Network Monitoring and Defense
CIS Control 14: Security Awareness and Skills Training
CIS Control 15: Service Provider Management
CIS Control 16: Application Software Security
CIS Control 17: Incident Response Management
CIS Control 18: Penetration Testing
16
Security Is Everyone’s Responsibility
IDENTIFY: Systems. Assets. Data.
• Physical
• Virtual
• Network
• Software
• 3rd Party compliance
• User training/Skills
DETECT: Timely Discovery
• Firmware vulnerabilities
• Policy violations
• Security Event Manager
• Active Directory® stats
• ID Monitor
RESPOND: Intelligent Actions
• Evidence-based assessments and reporting
• Security dashboard
• Risk metrics AR
• Address future risks
Security Observability is built to reduce the attack surface, manage access, and improve compliance
Proactive Security Observability provides real-time visibility to detect and remediate security issues
• Helps ensure integrity across your infrastructure
• Helps reduce security risks and business disruptions
17
Security integration with Hybrid Cloud Observability
Gain visibility across your environments to reduce the mean time needed to detect, alert on, and remediate security incidents
Security Observability = Hybrid Cloud Observability + Security integration
Protecting increasingly distributed and complex IT infrastructures by providing a secure
18
Full-Stack Observability Solution with Security
The solution gives you insights into the internal state of a system based on external behavior with extensive reporting
For better: Visibility + Alerting + Investigation + Efficiency
Diagram: Security Observability built on traces, logs, and metrics, alongside infrastructure security, data security, cybersecurity, access control, vulnerability management (+ 3rd party), patch management, change management/ITSM, a single pane of glass / 1 source of truth, and compliance and audit reporting.
• Greater control in complex distributed systems
• Seamless management
• Bird’s-eye view to help resolve internal issues
19
Integration Approach
Built-In Intelligence
Problem: Customers with no security teams rely on IT administrators (and different tools) to identify security incidents in their infrastructure, network, applications, and data.
Solution: A single-pane-of-glass solution providing IT admins comprehensive visibility into their environment to help them reduce the mean time needed to detect, alert on, and remediate security incidents.
Access Rights Manager: manage and audit access rights across your IT infrastructure
Security Event Manager: improve your security posture and quickly demonstrate compliance
Patch Manager: patch management software designed to quickly address software vulnerabilities
20
Security Observability
Security Integration for Hybrid Cloud Observability
With Security Observability
• Cut through layers of virtualization, containerization, and fabric overlays to properly view your network
• Get real-time visibility to help detect, alert on, and remediate security incidents
• Monitor security and compliance status on a dedicated security dashboard
21
Summary Dashboards
Covers security-related events, metrics, and activities
Single-pane-of-glass solution designed to identify critical security issues
• Better understanding of the complexities within the environment
• Gain real-time visibility to help detect and remediate security issues
• View security events, firmware vulnerabilities, policy violations, risk assessments, and more in a single dashboard
22
Benefits of Security Observability
Security integration for Hybrid Cloud Observability
This integration combines security-related events, metrics, and activities with the other data in Hybrid Cloud Observability. Some of the key benefits of this security integration include:
Remove internal silos and have complete control
Gain insights into the entire internal state of a complex distributed environment
Reduce the time it takes to identify security issues
Understand the security posture of the environment
23
What can be added to the Security Observability Dashboard
Active Endpoint Deception Platform and Malware Defenses
Protects against ransomware, malware, and unknown threats!
Mitigate ransomware in seconds, before any data is exfiltrated or encrypted.
Alert and dashboard integration
24
What can be added to the Security Observability Dashboard
Third-Party Security Risk Management
Evaluate new vendors, close their cyber gaps, and continuously monitor their cyber posture.
Alert
25
What can be added to the Security Observability Dashboard
Identity Monitoring
Proactively protect digital identities with a robust technology ecosystem that promotes maximum extensibility.
Uncover threats to your organization such as malware-infected employees, stolen session cookies, and recency of breach exposures.
Alert
26
Security Observability
Detection of Anomalies: By monitoring system behaviour and performance metrics, observability tools can detect anomalies that may indicate security breaches or unauthorized access. For example, unexpected spikes in network traffic or unusual patterns in user behaviour could signal a potential security threat.
Incident Response: In the event of a security incident, observability tools provide valuable data for incident response and investigation. Security teams can quickly identify the source of the incident, understand its impact, and take appropriate action to contain and remediate the threat.
Forensic Analysis: Observability enables detailed forensic analysis by providing a comprehensive view of system activities leading up to and during a security incident. This information is crucial for understanding the root cause of the incident, identifying vulnerabilities, and implementing measures to prevent future attacks.
Visibility into Cloud Environments: With the increasing adoption of cloud services, maintaining visibility into cloud environments is essential for ensuring security. Observability tools designed for cloud environments can monitor and analyze cloud-native logs, metrics, and events, helping organizations detect and respond to security threats effectively.
Compliance Monitoring: Many regulatory requirements mandate the monitoring and auditing of system activities for security compliance. Observability tools can help organizations demonstrate compliance by providing detailed logs and audit trails that document security-related events and activities.
Threat Hunting: Observability enables proactive threat hunting by allowing security teams to analyze historical data and search for indicators of compromise or suspicious behaviour. By continuously monitoring system activity and analyzing data trends, organizations can identify and mitigate security risks before they escalate into full-blown incidents.
Real-time Alerting: Observability tools can be configured to generate real-time alerts for security events that require immediate attention. By alerting security teams to potential threats as they occur, organizations can respond promptly and minimize the impact of security incidents.
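The deck makes the same point twice: slide 9 says a traffic spike viewed "through a security data lens" can reveal a brute-force attempt, and the anomaly-detection and real-time-alerting items above say a spike on its own is only a hint. The script below is an added example written for this page; it is not part of the original presentation and does not show how any SolarWinds product works. It takes a constructed per-minute request count (the telemetry pillar) and a constructed sshd-style authentication log (the security data), flags spike minutes with a median/MAD z-score, then classifies each spike by whether a single source address produced a burst of failed logins in the same minute. The log lines, addresses (RFC 5737 documentation ranges), field names and thresholds are all assumptions chosen for the example.

```python
"""Correlate a request-rate spike (observability metric) with authentication
failures (security data) so a spike is classified, not just alerted on.

Added example for this page; the per-minute counts, the sshd-style log lines
and the thresholds are constructed, not SolarWinds data or product behaviour.
"""
import re
import statistics
from collections import Counter, defaultdict

# Constructed telemetry: requests per minute on a web tier.  Ten quiet minutes,
# then three minutes an order of magnitude above baseline.
REQUEST_COUNTS = {
    "2024-05-01T10:00": 100, "2024-05-01T10:01": 104, "2024-05-01T10:02": 97,
    "2024-05-01T10:03": 102, "2024-05-01T10:04": 99,  "2024-05-01T10:05": 105,
    "2024-05-01T10:06": 98,  "2024-05-01T10:07": 101, "2024-05-01T10:08": 103,
    "2024-05-01T10:09": 96,  "2024-05-01T10:10": 900, "2024-05-01T10:11": 1100,
    "2024-05-01T10:12": 950,
}

# Constructed security data: sshd-style authentication log for the same window.
# 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges (RFC 5737).
AUTH_LOG = """\
2024-05-01T10:02:14 web01 sshd[4101]: Accepted password for alice from 198.51.100.20 port 50212 ssh2
2024-05-01T10:05:41 web01 sshd[4177]: Failed password for bob from 198.51.100.21 port 50340 ssh2
2024-05-01T10:05:49 web01 sshd[4177]: Accepted password for bob from 198.51.100.21 port 50340 ssh2
2024-05-01T10:10:03 web01 sshd[4310]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
2024-05-01T10:10:04 web01 sshd[4311]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
2024-05-01T10:10:05 web01 sshd[4312]: Failed password for root from 203.0.113.7 port 51024 ssh2
2024-05-01T10:10:06 web01 sshd[4313]: Failed password for root from 203.0.113.7 port 51025 ssh2
2024-05-01T10:10:08 web01 sshd[4314]: Failed password for invalid user test from 203.0.113.7 port 51026 ssh2
2024-05-01T10:10:09 web01 sshd[4315]: Failed password for invalid user oracle from 203.0.113.7 port 51027 ssh2
2024-05-01T10:10:30 web01 sshd[4320]: Accepted password for carol from 198.51.100.22 port 50410 ssh2
2024-05-01T10:11:01 web01 sshd[4330]: Failed password for root from 203.0.113.7 port 51101 ssh2
2024-05-01T10:11:02 web01 sshd[4331]: Failed password for root from 203.0.113.7 port 51102 ssh2
2024-05-01T10:11:03 web01 sshd[4332]: Failed password for invalid user admin from 203.0.113.7 port 51103 ssh2
2024-05-01T10:11:05 web01 sshd[4333]: Failed password for invalid user pi from 203.0.113.7 port 51104 ssh2
2024-05-01T10:11:06 web01 sshd[4334]: Failed password for invalid user guest from 203.0.113.7 port 51105 ssh2
2024-05-01T10:12:17 web01 sshd[4402]: Accepted password for dave from 198.51.100.23 port 50501 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Accepted|Failed) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)


def parse_auth_log(text):
    """Return one dict per recognised line; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["minute"] = ev["ts"][:16]  # bucket to the metric's resolution
            events.append(ev)
    return events


def robust_z_scores(counts):
    """Median/MAD z-score per minute: a few extreme minutes do not drag the
    baseline up the way a mean/stdev estimate would."""
    values = list(counts.values())
    med = statistics.median(values)
    mad = statistics.median([abs(v - med) for v in values])
    scale = 1.4826 * mad if mad else 1.0  # flat series: avoid division by zero
    return {minute: (c - med) / scale for minute, c in counts.items()}


def correlate(counts, auth_events, z_threshold=3.0, fail_threshold=5):
    """Classify each spike minute using the auth failures that share it."""
    z = robust_z_scores(counts)
    failures = defaultdict(Counter)  # minute -> Counter(source ip)
    for ev in auth_events:
        if ev["result"] == "Failed":
            failures[ev["minute"]][ev["ip"]] += 1

    alerts = []
    for minute in sorted(counts):
        if z[minute] < z_threshold:
            continue  # normal minute, nothing to correlate
        top = failures[minute].most_common(1)
        ip, n = top[0] if top else (None, 0)
        # Enough failures from one source in the spike minute: brute force.
        # A spike with no matching auth failures is a capacity question instead.
        verdict = "brute-force" if n >= fail_threshold else "traffic-anomaly"
        alerts.append({"minute": minute, "requests": counts[minute],
                       "z": round(z[minute], 1), "failures": n,
                       "top_source": ip, "verdict": verdict})
    return alerts


if __name__ == "__main__":
    for a in correlate(REQUEST_COUNTS, parse_auth_log(AUTH_LOG)):
        print(f"{a['minute']} requests={a['requests']:>5} z={a['z']:>6} "
              f"failed_logins={a['failures']} from={a['top_source']} -> {a['verdict']}")
```

Run as a script it prints three alert lines: the 10:10 and 10:11 spikes carry six and five failed logins from one address and are labelled brute-force, while the 10:12 spike has no failures behind it and stays a traffic anomaly for the operations team. That split is the whole value of overlaying security data on telemetry: the metric alone would have raised three identical alerts.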
27
Cyber security is a business problem
Cyber security is a business problem that can affect every aspect of your company.
Too often, we do not see cyber experts taking their place in the boardroom.
One strategy is to "assume breach"; read our white paper.
This is a crucial strategic move towards ensuring you can plan for and respond effectively if and when facing a cyber threat.
28
Companies tend to over-purchase cyber products before developing a coherent cyber strategy.
Having a range of solutions from the endless ecosystem of products does not necessarily mean you are protected.
Attackers actually thrive on this fault line where a hotchpotch of differing solutions is deployed across an organization.
Use 2024 as a year to review, optimize, and rationalize your cyber tech stack.
Take the time to assess whether the solutions are correctly deployed, analyze whether the products meet current and future threats, and take into account the legal and regulatory requirements.
This will help you determine whether the solutions in place are needed and outline areas to strengthen your defences.
Develop a variety of activities for activating, implementing, and managing your cyber defence, i.e. like food: not just one course but many small courses that make up the entire meal.
29
If you can’t see IT, you can’t MonITor IT, and you can’t defend IT.
UnITy
SecurITy
Security ObservabilITy
30
We call it security simplified
Protect infrastructure: from external threats
Protect systems: keeping them up-to-date
Protect data: monitoring user access rights
Protect email: monitoring exposure from data breaches
Protect employees: simulation and training - new SOC training
Protect Supply Chain – 3rd Party Security Management: manage and monitor supply chain
Protect endpoints: Active Endpoint Deception platform
Solve / Monitor / Prevent
31
SolarWinds Hybrid Cloud Observability
Offering flexibility and choice in your transformation journey
(• = included)                                                                           Essentials  Advanced
Standard: up to 1,000 nodes
  Infrastructure, network, and application performance observability                      •           •
  Physical and virtual hosts, device, and VoIP monitoring                                 •           •
  Application-centric database monitoring                                                 •           •
  Automated discovery and dependency mapping                                              •           •
  Historical and real-time dashboards and customizable reporting                          •           •
  IP address management and log management and analysis                                   •           •
  Metric and event correlation                                                            •           •
  Distributed polling for remote environments                                             •           •
  Flexible licensing—buy one license and divide nodes how you want                        •           •
  AIOps anomaly detection and alert clusters                                                          •
  Security observability with Security Event Manager and Access Rights Manager integration            •
  Network flow and bandwidth observability                                                            •
  Virtualization performance management                                                               •
  Configuration management for networks, servers, and applications                                    •
Enterprise Scale: 500 nodes and larger
  Additional polling engines (APEs)                                                       •           •
  High availability                                                                       •           •
  Additional web servers                                                                  •           •
  Enterprise Operations Console                                                           •           •
  Lab license                                                                             •           •
  Premier Support                                                                         •           •
32
THANK YOU

More Related Content

Similar to Glenn Lazarus- Why Your Observability Strategy Needs Security Observability

SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
Norm Barber
 

Similar to Glenn Lazarus- Why Your Observability Strategy Needs Security Observability (20)

SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the Enterprise
 
IntelAdapt
IntelAdaptIntelAdapt
IntelAdapt
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
 
supply chain management.pptx
supply chain management.pptxsupply chain management.pptx
supply chain management.pptx
 
The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber security
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
8 Top Cybersecurity Tools.pdf
8 Top Cybersecurity Tools.pdf8 Top Cybersecurity Tools.pdf
8 Top Cybersecurity Tools.pdf
 
Improve network safety through better visibility – Netmagic
Improve network safety through better visibility – NetmagicImprove network safety through better visibility – Netmagic
Improve network safety through better visibility – Netmagic
 
Marlabs cyber threat management
Marlabs cyber threat managementMarlabs cyber threat management
Marlabs cyber threat management
 
Be the Hunter
Be the Hunter Be the Hunter
Be the Hunter
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
Five Reasons Why You Need Cloud Investigation & Response Automation
Five Reasons Why You Need Cloud Investigation & Response AutomationFive Reasons Why You Need Cloud Investigation & Response Automation
Five Reasons Why You Need Cloud Investigation & Response Automation
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integration
 

More from itnewsafrica

More from itnewsafrica (20)

Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Kenneth Palliam- Cybersecurity Maturity: The Role of the GITO Considering New...
Kenneth Palliam- Cybersecurity Maturity: The Role of the GITO Considering New...Kenneth Palliam- Cybersecurity Maturity: The Role of the GITO Considering New...
Kenneth Palliam- Cybersecurity Maturity: The Role of the GITO Considering New...
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Ansgar Pabst- Disruptive Innovation through Corporate Collaboration with Star...
Ansgar Pabst- Disruptive Innovation through Corporate Collaboration with Star...Ansgar Pabst- Disruptive Innovation through Corporate Collaboration with Star...
Ansgar Pabst- Disruptive Innovation through Corporate Collaboration with Star...
 
Koen den Hollander- The Future is Omni
Koen den Hollander- The Future is OmniKoen den Hollander- The Future is Omni
Koen den Hollander- The Future is Omni
 
Wongama Millie- South African Social Media Insights 2023
Wongama Millie- South African Social Media Insights 2023Wongama Millie- South African Social Media Insights 2023
Wongama Millie- South African Social Media Insights 2023
 
Emphasising Personalization and Customer Journey Mapping in Digital Retail
Emphasising Personalization and  Customer Journey Mapping in Digital  RetailEmphasising Personalization and  Customer Journey Mapping in Digital  Retail
Emphasising Personalization and Customer Journey Mapping in Digital Retail
 
Munyaradzi Nyikavaranda- Assessing the intersect between UX, AI, Big Data: Cr...
Munyaradzi Nyikavaranda- Assessing the intersect between UX, AI, Big Data: Cr...Munyaradzi Nyikavaranda- Assessing the intersect between UX, AI, Big Data: Cr...
Munyaradzi Nyikavaranda- Assessing the intersect between UX, AI, Big Data: Cr...
 
Data Analytics & Customer Insights as enablers of businesses to employ predic...
Data Analytics & Customer Insights as enablers of businesses to employ predic...Data Analytics & Customer Insights as enablers of businesses to employ predic...
Data Analytics & Customer Insights as enablers of businesses to employ predic...
 
Mark Cockerell- A New Era of Retail Data Integration Mark Cockerell Retail ...
Mark Cockerell- A New Era of  Retail Data  Integration Mark Cockerell Retail ...Mark Cockerell- A New Era of  Retail Data  Integration Mark Cockerell Retail ...
Mark Cockerell- A New Era of Retail Data Integration Mark Cockerell Retail ...
 
Pravir Ishvarlal- Artificial Intelligence in Healthcare
Pravir Ishvarlal- Artificial Intelligence in HealthcarePravir Ishvarlal- Artificial Intelligence in Healthcare
Pravir Ishvarlal- Artificial Intelligence in Healthcare
 
Braden van Breda- The Role of AI, Robotics in African Healthcare
Braden van Breda- The Role of AI, Robotics in African HealthcareBraden van Breda- The Role of AI, Robotics in African Healthcare
Braden van Breda- The Role of AI, Robotics in African Healthcare
 
Rodney Taylor- AVA Disrupts Primary Healthcare with the Latest Asynchronous I...
Rodney Taylor- AVA Disrupts Primary Healthcare with the Latest Asynchronous I...Rodney Taylor- AVA Disrupts Primary Healthcare with the Latest Asynchronous I...
Rodney Taylor- AVA Disrupts Primary Healthcare with the Latest Asynchronous I...
 
Anish Gupta- Smart Care Coordination Platform
Anish Gupta- Smart Care Coordination PlatformAnish Gupta- Smart Care Coordination Platform
Anish Gupta- Smart Care Coordination Platform
 
Andrew Roberts- How Technology can Transform Healthcare for the Better
Andrew Roberts- How Technology can Transform Healthcare for the BetterAndrew Roberts- How Technology can Transform Healthcare for the Better
Andrew Roberts- How Technology can Transform Healthcare for the Better
 
Andrew Roberts - Mobile Health Apps for Improved Patient Engagement and Educa...
Andrew Roberts - Mobile Health Apps for Improved Patient Engagement and Educa...Andrew Roberts - Mobile Health Apps for Improved Patient Engagement and Educa...
Andrew Roberts - Mobile Health Apps for Improved Patient Engagement and Educa...
 
Tanya Muller- Improving Healthcare Delivery Through The Use Of AI
Tanya Muller- Improving Healthcare Delivery Through The Use Of AITanya Muller- Improving Healthcare Delivery Through The Use Of AI
Tanya Muller- Improving Healthcare Delivery Through The Use Of AI
 

Recently uploaded

Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
UK Journal
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 

Recently uploaded (20)

Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability

  • 1. Why Your ObservabilITy Strategy Needs Security ObservabilITy! Glenn Lazarus, CEO, ATS Network Management (@solarwinds)
  • 2. Digital Transformation Is Accelerating Across Organizations of All Sizes. To harness new growth opportunities, organizations are: leveraging multi-cloud deployments; modernizing operations, apps, and databases; supporting increasingly remote work. However, severe challenges abound: stagnant IT budgets and resource constraints; complexity, security, and productivity challenges; stringent uptime and service-level agreement (SLA) requirements.
  • 3. Technology Landscapes Powering Transformation Are Increasingly Complex. Drivers: modernization of apps and databases; DevOps, CloudOps, and AIOps teams; infrastructure as a service (IaaS), SD-WAN, and secure access service edge (SASE); hybrid, multi-cloud, and cloud-native deployments. Scale (example of a single environment for an upper-mid-market customer): infrastructure nodes, applications, databases, and cloud services numbering in the 100s to 1,000s, spread across Data Center 1, Data Center 2, a branch office, cloud, and SaaS, each watched by its own network, app, hardware, or user vendor tool, free cloud tool, or open-source tool, and serving customers, partners, and employees. Consequences: information silos and tool sprawl; high risk and cost; manual root cause analysis; poor service delivery; low productivity.
  • 4. Customer Challenges: limited visibility across the technology stack. Tool sprawl requires staff to develop and maintain skills in different operating environments. Multiple information sources add complexity and time to issue resolution, leading to operational inefficiencies. Business services distributed across hybrid cloud environments present unique challenges for troubleshooting, optimization, and security. Too many alerts can cause fatigue or be ignored, putting customer and end-user experience at risk. Missed SLAs and service-level objectives (SLOs) can result in additional costs through fines. Teams need greater control over complex systems.
  • 5. Monitoring Is the Foundation for Observability. Evolve from reactive monitoring of WHAT has happened historically (more like yesterday) to proactive observability into WHY something is happening, and gain actionable insights.
  • 7. Simplify and extend Hybrid Cloud Observability. Eliminate tool sprawl: gain a unified solution with single-pane-of-glass monitoring and actionable intelligence to help expedite problem resolution and enable proactive management across hybrid environments. Reduce alert fatigue and risk: correlate problems that happened simultaneously on related devices with customizable alerts to help enable faster remediation, reduce alert fatigue, and increase automation. Gain deployment flexibility: drive growth initiatives with flexible licensing, enabling you to purchase the nodes you need and deploy however you need in your environment. Be cloud-ready: further your cloud modernization efforts with flexible deployment options, on-premises or self-hosted in the cloud, and comprehensive observability across Hybrid Cloud Observability, empowering you to integrate today and evolve as your business needs dictate. Security: help organizations better understand the complex vulnerabilities within their environments while providing real-time visibility to help detect and remediate security issues.
  • 8. The fourth pillar of Observability: Security. Established processes track and analyze the right telemetry data sources, covering the three pillars of observability: metrics, logs, and traces. That strategy helps many businesses support the stability and performance of complex, distributed IT environments. But even the best-planned observability strategy is incomplete without the fourth pillar, security. Use the endless stream of telemetry data to identify security risks and vulnerabilities: take the internal visibility observability provides, overlay it with security data, and extend eyes and ears into every corner of the IT environment.
  • 9. The fourth pillar of Observability: Security. Security data (metadata from firewalls, threat detection, or traffic analyzers) is layered on top of telemetry data. Correlating the two data sets grants deeper visibility and the context needed to infer both system health and security integrity: identify, analyze, and categorize suspicious patterns or anomalies. Viewing a traffic spike through a security data lens might unveil a pattern indicating a brute-force attempt to access vital systems. Include full-stack integration with cloud-based applications, networks, databases, and third-party security tools or monitoring solutions to improve cross-functional collaboration and ensure teams’ … Incorporate AIOps, machine learning, and intelligent modeling capabilities designed to automatically correlate vast data volumes and help teams spot security anomalies and areas of interest in real time. Cut through the noise and make more informed decisions by focusing on critical issues, with access to a single source of truth.
  • 10. The cost of a data breach in 2023. The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over 3 years; in South Africa it was almost R50 million (Tech Central). 51% of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools. Organizations that use security AI and automation extensively save an average of USD 1.76 million compared to organizations that don’t (IBM research). Estimated annual cost of cyber-attacks globally in 2024: USD 9.5 trillion (IBM research; a trillion is a 1 with 12 zeros after it, 1,000,000,000,000), roughly R180,000,000,000,000.
  • 11. AI tools: opportunities or significant threats? Many of us have used ChatGPT and other AI tools over the past year. AI has exploded onto the digital landscape, and with its emergence come great opportunities and significant threats. The power to use AI to automate and transform how we develop, operate, and grow our businesses is the most significant digital transformation since the emergence of the internet. However, that very same power in the hands of cyber attackers means the threat level will increase and evolve into new and more invasive ways to penetrate cyber defenses.
  • 12. Security ObservabilITy accessible to everyone. Cyber security needs to become accessible to everyone in the organization. It is ultimately about finding faults in systems and processes and closing the gaps that attackers can use to mount an attack. Cyber execs need to be open and conduct a campaign within their businesses to deliver knowledge and transparency about the role of cyber.
  • 13. Hybrid Cloud Observability, designed for your needs. Built-in intelligence: anomaly detection, event correlation, remediation, auto-instrumented recommendations, automation. Ensure compliance with automated configuration and change management and IP address management. Ensure SLAs with end-to-end visibility to pinpoint performance issues. Gain a deep understanding of network paths across the entire delivery chain. Automatically detect and track devices and manage switch ports. Get powerful … to quickly understand your connected landscape. Gain understanding of the application and the underlying layers upon which it depends.
  • 14. Critical Security Controls: the 18 CIS Critical Security Controls. Formerly the SANS Critical Security Controls (the SANS Top 20), these are now officially called the CIS Critical Security Controls (CIS Controls); version 8 consolidated the 20 controls into 18. CIS defines the Controls by activities rather than by who manages the devices: physical devices, fixed boundaries, and discrete islands of security implementation are less important.
  • 15. The 18 CIS Critical Security Controls:
    CIS Control 1: Inventory and Control of Enterprise Assets
    CIS Control 2: Inventory and Control of Software Assets
    CIS Control 3: Data Protection
    CIS Control 4: Secure Configuration of Enterprise Assets and Software
    CIS Control 5: Account Management
    CIS Control 6: Access Control Management
    CIS Control 7: Continuous Vulnerability Management
    CIS Control 8: Audit Log Management
    CIS Control 9: Email and Web Browser Protections
    CIS Control 10: Malware Defenses
    CIS Control 11: Data Recovery
    CIS Control 12: Network Infrastructure Management
    CIS Control 13: Network Monitoring and Defense
    CIS Control 14: Security Awareness and Skills Training
    CIS Control 15: Service Provider Management
    CIS Control 16: Application Software Security
    CIS Control 17: Incident Response Management
    CIS Control 18: Penetration Testing
  • 16. Security Is Everyone’s Responsibility. IDENTIFY systems, assets, and data: physical, virtual, network, software, 3rd-party compliance, user training and skills. DETECT through timely discovery: firmware vulnerabilities, policy violations, security events (Security Event Manager), Active Directory® stats, identity monitoring. RESPOND with intelligent actions: evidence-based assessments and reporting, a security dashboard, risk metrics (Access Rights Manager), and addressing future risks. Security Observability is built to reduce the attack surface, manage access, and improve compliance. Proactive Security Observability provides real-time visibility to detect and remediate security issues: it helps ensure integrity across your infrastructure and helps reduce security risks and business disruptions.
  • 17. Security integration with Hybrid Cloud Observability. Security Observability = Hybrid Cloud Observability + Security integration. Gain visibility across your environments to reduce the mean time needed to detect, alert on, and remediate security incidents, protecting increasingly distributed and complex IT infrastructures by providing a secure …
  • 18. Full-Stack Observability Solution with Security. The solution gives you insights into the internal state of a system based on its external behavior, with extensive reporting. For better visibility, alerting, investigation, and efficiency, Security Observability layers onto traces, logs, and metrics: infrastructure security, data security, cybersecurity, access control, vulnerability management plus 3rd-party patch management, change management/ITSM, a single pane of glass and single source of truth, and compliance and audit reporting. Benefits: greater control in complex distributed systems, seamless management, and a bird’s-eye view to help resolve internal issues.
  • 19. Integration Approach. Problem: customers with no security teams rely on IT administrators (and different tools) to identify security incidents in their infrastructure, network, applications, and data. Solution: a single-pane-of-glass solution providing IT admins comprehensive visibility into their environment to help them reduce the mean time needed to detect, alert on, and remediate security incidents. Built-in intelligence is combined with Access Rights Manager (manage and audit access rights across your IT infrastructure), Security Event Manager (improve your security posture and quickly demonstrate compliance), and Patch Manager (patch management software designed to quickly address software vulnerabilities).
  • 20. Security Observability: security integration for Hybrid Cloud Observability. With Security Observability: cut through layers of virtualization, containerization, and fabric overlays to properly view your network; get real-time visibility to help detect, alert on, and remediate security incidents; monitor security and compliance status on a dedicated security dashboard.
  • 21. Summary Dashboards. A single-pane-of-glass solution designed to identify critical security issues, covering security-related events, metrics, and activities: better understanding of the complexities within the environment; real-time visibility to help detect and remediate security issues; security events, firmware vulnerabilities, policy violations, risk assessments, and more in a single dashboard.
  • 22. Benefits of Security Observability (security integration for Hybrid Cloud Observability). This integration combines security-related events, metrics, and activities with the other data in Hybrid Cloud Observability. Key benefits: remove internal silos and have complete control; gain insights into the entire internal state of a complex distributed environment; reduce the time it takes to identify security issues; understand the security posture of the environment.
  • 23. What can be added to the Security Observability Dashboard: an Active Endpoint Deception Platform and Malware Defenses, protecting against ransomware, malware, and unknown threats, with the aim of mitigating ransomware in seconds, before any data is exfiltrated or encrypted. Alert and dashboard integration.
  • 24. What can be added to the Security Observability Dashboard: Third-Party Security Risk Management. Evaluate new vendors, close their cyber gaps, and continuously monitor their cyber posture. Alert integration.
  • 25. What can be added to the Security Observability Dashboard: Identity Monitoring. Proactively protect digital identities with a robust technology ecosystem that promotes maximum extensibility. Uncover threats to your organization such as malware-infected employee devices, stolen session cookies, and the recency of breach exposures. Alert integration.
  • 26. Secured Security Observability.
    Detection of anomalies: by monitoring system behaviour and performance metrics, observability tools can detect anomalies that may indicate security breaches or unauthorized access. For example, unexpected spikes in network traffic or unusual patterns in user behaviour could signal a potential security threat.
    Incident response: in the event of a security incident, observability tools provide valuable data for incident response and investigation. Security teams can quickly identify the source of the incident, understand its impact, and take appropriate action to contain and remediate the threat.
    Forensic analysis: observability enables detailed forensic analysis by providing a comprehensive view of system activities leading up to and during a security incident. This information is crucial for understanding the root cause of the incident, identifying vulnerabilities, and implementing measures to prevent future attacks.
    Visibility into cloud environments: with the increasing adoption of cloud services, maintaining visibility into cloud environments is essential for ensuring security. Observability tools designed for cloud environments can monitor and analyze cloud-native logs, metrics, and events, helping organizations detect and respond to security threats effectively.
    Compliance monitoring: many regulatory requirements mandate the monitoring and auditing of system activities for security compliance. Observability tools can help organizations demonstrate compliance by providing detailed logs and audit trails that document security-related events and activities.
    Threat hunting: observability enables proactive threat hunting by allowing security teams to analyze historical data and search for indicators of compromise or suspicious behaviour. By continuously monitoring system activity and analyzing data trends, organizations can identify and mitigate security risks before they escalate into full-blown incidents.
    Real-time alerting: observability tools can be configured to generate real-time alerts for security events that require immediate attention. By alerting security teams to potential threats as they occur, organizations can respond promptly and minimize the impact of security incidents.
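Slide 9 says that a traffic spike viewed through a security data lens can reveal a brute-force attempt, and slide 26 describes anomaly detection and real-time alerting over the same telemetry. The following is an added example, written for this page and not code from the deck or from SolarWinds, showing the mechanics of that correlation: a robust (median/MAD) anomaly detector over a per-minute request-rate series, an sshd-style auth-log parser, and a correlation step that raises an alert only when the anomalous minutes coincide with a burst of failed logins from one source. The request counts, the log lines, the 10:00 start time, the z-score threshold of 5 and the failure threshold of 5 are all constructed assumptions for the example.

```python
"""Correlate a traffic anomaly with auth-log evidence of brute force.

Added example (not from the slide deck). All inputs are constructed:
a per-minute request-rate series and a handful of sshd-style log lines.
"""
import re
import statistics
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timezone

# Minute 0 of the series below (assumption used to align logs with metrics).
START = datetime(2024, 5, 20, 10, 0, tzinfo=timezone.utc)

# Constructed per-minute request counts for a login endpoint: a ~100/min
# baseline with a spike in minutes 10 and 11. Minute index == list index.
REQUESTS_PER_MINUTE = [98, 104, 101, 97, 110, 95, 103, 99, 102, 100, 640, 710]

# Constructed sshd-style auth log. The spike minutes carry a failure burst
# from one source that ends in a successful login (credential found).
AUTH_LOG = """\
2024-05-20T10:00:12Z host1 sshd[1201]: Accepted password for alice from 10.0.0.5 port 51022 ssh2
2024-05-20T10:03:40Z host1 sshd[1207]: Failed password for bob from 10.0.0.9 port 51100 ssh2
2024-05-20T10:10:01Z host1 sshd[1300]: Failed password for root from 203.0.113.7 port 40001 ssh2
2024-05-20T10:10:02Z host1 sshd[1301]: Failed password for admin from 203.0.113.7 port 40002 ssh2
2024-05-20T10:10:03Z host1 sshd[1302]: Failed password for invalid user test from 203.0.113.7 port 40003 ssh2
2024-05-20T10:11:00Z host1 sshd[1310]: Failed password for root from 203.0.113.7 port 40010 ssh2
2024-05-20T10:11:01Z host1 sshd[1311]: Failed password for oracle from 203.0.113.7 port 40011 ssh2
2024-05-20T10:11:02Z host1 sshd[1312]: Failed password for root from 203.0.113.7 port 40012 ssh2
2024-05-20T10:11:05Z host1 sshd[1313]: Accepted password for root from 203.0.113.7 port 40013 ssh2
"""

AUTH_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<outcome>Accepted|Failed) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


@dataclass(frozen=True)
class AuthEvent:
    minute: int      # minutes since START, so it indexes REQUESTS_PER_MINUTE
    outcome: str     # "Accepted" or "Failed"
    user: str
    src: str


def parse_auth_log(text: str) -> list[AuthEvent]:
    """Parse sshd password-auth lines; lines in other formats are skipped."""
    events = []
    for line in text.splitlines():
        m = AUTH_RE.match(line)
        if not m:
            continue
        ts = datetime.fromisoformat(m["ts"].replace("Z", "+00:00"))
        minute = int((ts - START).total_seconds() // 60)
        events.append(AuthEvent(minute, m["outcome"], m["user"], m["src"]))
    return events


def anomalous_minutes(series: list[int], threshold: float = 5.0) -> list[int]:
    """Indexes whose robust z-score exceeds threshold.

    Median and MAD are used instead of mean and stdev so the spike itself
    cannot inflate the baseline it is measured against.
    """
    med = statistics.median(series)
    mad = statistics.median(abs(x - med) for x in series)
    if mad == 0:
        return []  # flat series: nothing to scale against, avoid dividing by zero
    scale = 1.4826 * mad  # MAD -> stdev-equivalent for normally distributed data
    return [i for i, x in enumerate(series) if (x - med) / scale > threshold]


def correlate(series: list[int], log_text: str,
              fail_threshold: int = 5, threshold: float = 5.0) -> list[dict]:
    """Raise one alert per source whose failed logins in the anomalous
    minutes reach fail_threshold; escalate if that source then succeeded."""
    spike = anomalous_minutes(series, threshold)
    if not spike:
        return []
    window = set(spike)
    events = [e for e in parse_auth_log(log_text) if e.minute in window]
    failures = Counter(e.src for e in events if e.outcome == "Failed")
    # A success from a source that already failed in the window is the
    # classic "brute force worked" signal and is escalated to critical.
    seen_failure: set[str] = set()
    compromised: set[str] = set()
    for e in events:  # log order == time order
        if e.outcome == "Failed":
            seen_failure.add(e.src)
        elif e.src in seen_failure:
            compromised.add(e.src)
    alerts = []
    for src, n in failures.items():
        if n < fail_threshold:
            continue
        alerts.append({
            "minutes": spike,
            "source": src,
            "failed_logins": n,
            "success_after_failures": src in compromised,
            "severity": "critical" if src in compromised else "high",
        })
    return alerts


if __name__ == "__main__":
    for alert in correlate(REQUESTS_PER_MINUTE, AUTH_LOG):
        print(alert)
```

Run stand-alone, the block reports one critical alert for 203.0.113.7 in minutes 10 and 11 (six failures followed by a success); the single failure from 10.0.0.9 at minute 3 lies outside the anomalous window and is ignored, which is the point of correlating rather than alerting on either signal alone. In a real pipeline the series would come from the metrics store and the log lines from the log collector, and the thresholds would be tuned per endpoint.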
  • 27. Cyber security is a business problem. Cyber security is a business problem that can affect every aspect of your company. Too often, we do not see cyber experts taking their place in the boardroom. One strategy is to assume breach (read our white paper): a crucial strategic move towards ensuring you can plan for and respond effectively if and when facing a cyber threat.
  • 28. Companies tend to over-purchase cyber products before developing a coherent cyber strategy. Having a range of solutions from the endless ecosystem of products does not necessarily mean you are protected; attackers thrive on the fault lines where a hotchpotch of differing solutions is deployed across an organization. Use 2024 as a year to review, optimize, and rationalize your cyber tech stack: assess whether the solutions are correctly deployed, analyze whether the products meet current and future threats, and take into account the legal and regulatory requirements. This will help you determine whether the solutions in place are needed and outline areas to strengthen your defences. Develop a range of activities for activating, implementing, and managing your cyber defence: like a meal, not one course but many small courses that together make up the whole.
  • 29. If you can’t … IT, you can’t MonITor IT, and you can’t defend IT. UnITy. SecurITy. Security ObservabilITy.
  • 30. We call it security simplified (solve, monitor, prevent): protect infrastructure from external threats; protect systems by keeping them up to date; protect data by monitoring user access rights; protect email by monitoring exposure from data breaches; protect employees with simulation and training (new SOC training); protect the supply chain with 3rd-party security management to manage and monitor suppliers; protect endpoints with an Active Endpoint Deception platform.
  • 31. SolarWinds Hybrid Cloud Observability: offering flexibility and choice in your transformation journey. Two editions, Hybrid Cloud Observability Essentials and Hybrid Cloud Observability Advanced; the editions in which each capability is included are listed after it.
    Standard (up to 1,000 nodes):
      Infrastructure, network, and application performance observability: Essentials, Advanced
      Physical and virtual hosts, device, and VoIP monitoring: Essentials, Advanced
      Application-centric database monitoring: Essentials, Advanced
      Automated discovery and dependency mapping: Essentials, Advanced
      Historical and real-time dashboards and customizable reporting: Essentials, Advanced
      IP address management and log management and analysis: Essentials, Advanced
      Metric and event correlation: Essentials, Advanced
      Distributed polling for remote environments: Essentials, Advanced
      Flexible licensing (buy one license and divide nodes how you want): Essentials, Advanced
      AIOps anomaly detection and alert clusters: Advanced
      Security observability with Security Event Manager and Access Rights Manager integration: Advanced
      Network flow and bandwidth observability: Advanced
      Virtualization performance management: Advanced
      Configuration management for networks, servers, and applications: Advanced
    Enterprise Scale (500 nodes and larger):
      Additional polling engines (APEs): Essentials, Advanced
      High availability: Essentials, Advanced
      Additional web servers: Essentials, Advanced
      Enterprise Operations Console: Essentials, Advanced
      Lab license: Essentials, Advanced
      Premier Support: Essentials, Advanced