© 2015 IBM Corporation
Russell Warren
Program Manager, Technology Alliances
IBM Security
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microsoft Systems
Adam Laub
SVP Product Marketing
STEALTHbits
Mike Jawetz
Senior Solutions Architect
iSIGHT Partners
Meet our speakers!
Mike Jawetz
Senior Solutions Architect
iSIGHT Partners
Adam Laub
Senior VP, Product Marketing
STEALTHbits Technologies, Inc.
Criminals create and share easy-to-use, sophisticated, powerful weapons
Criminals are organized and collaborate on a global scale
•  Increasing Complexity
•  Unpatched Vulnerabilities
•  User Negligence
•  Resource Constraints
Security teams need to build a collaborative defense strategy
•  Integrated security solutions – Break down silos with integrated security controls
•  Intelligence sharing – Share real-time threat intelligence
•  Capability sharing – Share security intelligence workflows, use cases and analytics
IBM Security continues investments to foster collaborative defense
•  IBM Threat Protection System – May 5, 2014
•  IBM X-Force Exchange – April 16, 2015
•  IBM Security App Exchange – December 8, 2015
The IBM Security App Exchange and App Framework
The IBM Security App Exchange and the IBM QRadar App Framework together enable delivery of integrated solutions.
The IBM Security App Exchange is a platform for security teams to engage in collaborative defense efforts against cyberattacks.
The open QRadar Extension Framework API enables QRadar extensions and applications.
A platform for security collaboration
Enables rapid innovation to deliver new apps and content for IBM Security solutions
IBM Security App Exchange:
•  Single platform for collaboration
•  Access to partner innovations
•  Validated security apps
•  Fast extensions to security functionality
Extend existing capabilities using easy-to-access security apps
•  Full ‘app’ description and overview
•  Screenshots
•  Simple registration
•  Extensive community feedback
•  Easy download
QRadar API Components
QRadar App Framework underlies development and sharing
NEW: Open APIs for rapid innovation and creation
Cybersecurity Use Cases: Insider Threats | Internet of Things | Incident Response
•  More flexibility and less complexity
•  Economic and operational benefit
•  Seamlessly integrated workflow
•  Bundled components support new use cases
Certification Timeline
Secure content validated against set IBM criteria
Week 1 – Nominate
•  Log into IBM Security App Exchange Technical Community with your IBM ID.
•  Submit the Validation Document, and required documentation.
•  Package is reviewed by PartnerWorld Validation Lab.
•  Feedback, Approval and access to QRadar DeveloperWorks is granted.
Week 2 – Validate
•  Access the Security App Exchange Tutorial and SDK through QRadar DeveloperWorks.
•  Submit App and relevant App documentation through IBM Security App Exchange Technical Community.
•  App reviewed by IBM QRadar to ensure solution is free of security exposures and performance inhibitors.
•  Feedback
•  Approval
Week 3 – Publish
•  App posted in IBM Security App Exchange
•  App posted in IBM PartnerWorld Ready for Security Intelligence Catalog
•  BP is issued IBM Ready for Security Intelligence Mark
Easy Download and Install
Step 1 Visit IBM Security App Exchange at http://apps.xforce.ibmcloud.com
Step 2 Select & download your extension
Step 3 Click to “Accept Terms and Conditions”
Step 4 Use IBM Security QRadar Extensions Management Tool to Install and Manage
Join the era of Collaborative Defense
•  Team-up against the bad guys and change the economics of cybercrime
•  Participate in the first ever dedicated forum for sharing technologies built around IBM Security solutions
•  Find, develop and share code, insights, best practices
•  Feel confident these extensions will not impact the stability of your environment
http://www.ibm.com/security/engage/app-exchange/
iSIGHT Partners
Mike Jawetz
Senior Solutions Architect
ThreatScape App
But first, who is iSIGHT Partners?
300+ experts, 18 countries, 29 languages
Global Reach | Adversary Focused Intelligence | Proven Intelligence Methodology
•  Research – Identify threats, groups; determine/capture motivation & intent
•  Analytics – Fuse knowledge across methods, campaigns, affiliations, historical context
•  Dissemination – Deliver high fidelity, high impact, contextual, actionable insights
ThreatScape Products
Copyright © 2016, FireEye, Inc. All rights reserved.
Intelligence Led Security
•  Adversary Focus
•  Methods, Motives & Capabilities
•  Earlier in the “Kill Chain”
ThreatScape App Goal
Facilitate the delivery of iSIGHT indicators to our customers' QRadar instances. Once consumed, indicators are treated as reference sets and can be used in search, correlation, reporting, and visualization workflows in the same manner as other data.
Indicators of Compromise (IoC) into QRadar
Delivery via API…Authenticated with keys…Purchased through subscription
iSIGHT Recommended Rules
iSIGHT Recommended Building Blocks
When a violation occurs, an offense is raised
Offenses
Offense - details
ThreatScape App Right-Click
ThreatScape App
Summary
•  IBM QRadar pulls IoC data through scheduled API calls to
•  Using rules & building blocks, QRadar correlates with ingested logs (passiveDNS, FW, etc.)
•  Right-click on the indicator to pull up the portal for full context
•  When a violation is detected, an offense is raised
What kind of intel do you now have to work with?
•  This is a Cyber Espionage attack (not hacktivism, not crime, etc.) – Helps prioritize response
•  Launched by Fallout Team and has capabilities to operate and collect information from air-gapped systems – Scope
•  Social engineering component to the attack – Education must be part of the response
•  Dynamic component to files containing C&C information – Evasion techniques in play for the IR team
•  Malware checks if running in a known sandbox – May require a physical test environment
•  Which IoCs are attributed directly to the attacker versus just part of the detonated malware's actions (related) – Shrink the problem
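As an added illustration of the flow summarised above (example code written for this page, not iSIGHT's ThreatScape app or IBM's QRadar code; the indicator records, log lines, field names and offense layout are all constructed assumptions), the following Python script keeps indicators in one reference set per indicator type, tests each observable from ingested firewall and passive-DNS events against them the way a building block would, and raises one offense per internal host. The offense carries the intel context the slide calls out: the report it came from, the threat category used to prioritise response, and whether each matched indicator is attributed directly to the actor or only related to the detonated malware.

```python
import re
from collections import defaultdict

# Constructed indicator records. The field names are an assumption made for
# this example, not the ThreatScape API schema.
IOC_FEED = [
    {"type": "ip", "value": "203.0.113.45",
     "report": "Example espionage campaign", "category": "cyber espionage",
     "attribution": "direct"},
    {"type": "domain", "value": "update-check.example.net",
     "report": "Example espionage campaign", "category": "cyber espionage",
     "attribution": "related"},
    {"type": "ip", "value": "198.51.100.7",
     "report": "Example commodity crimeware", "category": "cyber crime",
     "attribution": "direct"},
]

# Constructed log lines: a firewall connection log and a passive-DNS log.
SAMPLE_LOGS = [
    "2015-12-08T10:00:01Z fw01 action=allow src=10.0.0.12 dst=93.184.216.34 dpt=443",
    "2015-12-08T10:00:05Z fw01 action=allow src=10.0.0.12 dst=203.0.113.45 dpt=443",
    "2015-12-08T10:00:07Z pdns01 client=10.0.0.20 query=update-check.example.net answer=203.0.113.45",
    "2015-12-08T10:00:09Z pdns01 client=10.0.0.21 query=www.example.com answer=93.184.216.34",
]

FW_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dpt=\d+")
DNS_RE = re.compile(r"client=(?P<client>\S+) query=(?P<query>\S+) answer=(?P<answer>\S+)")

# Threat category -> offense priority: the "help prioritize response" step.
PRIORITY = {"cyber espionage": "high", "cyber crime": "medium"}


def build_reference_sets(feed):
    """Index indicators by type, mirroring one QRadar reference set per indicator type."""
    sets = defaultdict(dict)
    for ioc in feed:
        sets[ioc["type"]][ioc["value"].lower()] = ioc
    return sets


def parse_event(line):
    """Extract the internal host and the observables (IPs, domains) from a raw line.
    Returns None for lines in a format this example does not understand."""
    m = FW_RE.search(line)
    if m:
        return {"host": m["src"], "ip": [m["dst"]], "domain": []}
    m = DNS_RE.search(line)
    if m:
        return {"host": m["client"], "ip": [m["answer"]], "domain": [m["query"]]}
    return None


def correlate(lines, ref_sets):
    """Building-block equivalent: test every observable against the reference set
    of its type and collect the matches into one offense per internal host."""
    offenses = {}
    for line in lines:
        event = parse_event(line)
        if event is None:
            continue
        for kind in ("ip", "domain"):
            for value in event[kind]:
                ioc = ref_sets.get(kind, {}).get(value.lower())
                if ioc is None:
                    continue
                offense = offenses.setdefault(event["host"], {
                    "host": event["host"], "hits": [],
                    "categories": set(), "direct_indicators": set(),
                })
                offense["hits"].append({"indicator": value, "type": kind,
                                        "report": ioc["report"], "line": line})
                offense["categories"].add(ioc["category"])
                # Direct vs related attribution: lets the IR team shrink the problem.
                if ioc["attribution"] == "direct":
                    offense["direct_indicators"].add(value)
    return offenses


def priority(offense):
    """Highest priority among the intel categories behind the offense."""
    order = ["high", "medium", "low"]
    levels = {PRIORITY.get(c, "low") for c in offense["categories"]}
    return next(p for p in order if p in levels)


if __name__ == "__main__":
    sets = build_reference_sets(IOC_FEED)
    for host, off in correlate(SAMPLE_LOGS, sets).items():
        print(host, priority(off), len(off["hits"]), "hit(s),",
              "direct:", sorted(off["direct_indicators"]))
```

Run as written, the script raises two offenses: host 10.0.0.12 (one firewall hit on a direct indicator) and host 10.0.0.20 (a passive-DNS record matching both the related domain and the direct IP it resolved to), both at high priority because the matched report is categorised as cyber espionage. Host 10.0.0.21 generates nothing, since its lookup resolved to an address not in any set.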
Thank You
Partners on board!
STEALTHbits Technologies:
Adam Laub, SVP Product Marketing
STEALTHbits Technologies – StealthINTERCEPT® for QRadar
Real-Time Security Intelligence for Active Directory & Unstructured Data
•  STEALTHbits Technologies
   –  Data Security Software Company
   –  Specialization in Access Governance and Monitoring of Unstructured Data (e.g. File Shares, SharePoint, etc.) and Active Directory
   –  2015 Beacon Award Winner
•  Visibility Gap
   –  Active Directory
   –  Windows File Servers
   –  NAS Devices (NetApp, EMC, Hitachi)
•  An Alternative Approach
   –  Bypass Native Logging
   –  Inject Context
   –  Pre-Analyze Behavior Patterns
   –  Block unauthorized access and changes
Visibility Gap
Once past the perimeter, things get a little fuzzy… From the SIEM's point of view:
–  What are accounts actually authenticating to?
–  What are they doing when they get there?
–  What files did they access?
–  What are they doing to the data?
Not All Logs Are Created Equal
SIEM can’t connect the dots if the dots don’t exist
•  Certain native security logs (e.g. Active Directory) lack actionable intelligence
   –  Missing Critical Data
   –  Lack Centralized Controls
   –  Noisy
   –  Lack Context
•  Native security controls can be circumvented
   –  Can’t control your most privileged accounts
      o  Even hardened assets are still vulnerable
      o  Susceptible to compromise and attack
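An added illustration of the "inject context, pre-analyze behavior patterns" idea from the slides above (example code written for this page, not StealthINTERCEPT's; the event shape, the privileged-account list and the thresholds are constructed assumptions): raw failed and successful logon events in the shape of Windows Security event IDs 4625 and 4624 are aggregated per source address, a password-spray pattern (one source failing against many distinct accounts inside a short window) is recognised before anything reaches the SIEM, and the finding is annotated with the two pieces of context a bare 4625 stream does not carry, namely whether privileged accounts were among the targets and whether a success from the same source followed the burst.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed account context standing in for directory group membership.
PRIVILEGED_ACCOUNTS = {"da-admin", "svc-backup"}

# Constructed events in the shape of Windows Security event IDs
# 4625 (failed logon) and 4624 (successful logon). Real events carry many
# more fields; only the ones this example needs are kept.
EVENTS = [
    {"ts": "2015-12-08T09:00:00", "id": 4625, "user": "alice",    "src": "10.0.0.99"},
    {"ts": "2015-12-08T09:00:30", "id": 4625, "user": "bob",      "src": "10.0.0.99"},
    {"ts": "2015-12-08T09:01:00", "id": 4625, "user": "carol",    "src": "10.0.0.99"},
    {"ts": "2015-12-08T09:01:30", "id": 4625, "user": "dave",     "src": "10.0.0.99"},
    {"ts": "2015-12-08T09:02:00", "id": 4625, "user": "da-admin", "src": "10.0.0.99"},
    {"ts": "2015-12-08T09:03:00", "id": 4624, "user": "da-admin", "src": "10.0.0.99"},
    # A user mistyping a password twice from their own workstation: benign noise
    # that a per-event alert would surface and a pattern check ignores.
    {"ts": "2015-12-08T09:00:10", "id": 4625, "user": "eve",      "src": "10.0.0.50"},
    {"ts": "2015-12-08T09:00:20", "id": 4625, "user": "eve",      "src": "10.0.0.50"},
    {"ts": "2015-12-08T09:00:40", "id": 4624, "user": "eve",      "src": "10.0.0.50"},
]


def _ts(event):
    return datetime.fromisoformat(event["ts"])


def detect_password_spray(events, window=timedelta(minutes=10), min_accounts=5):
    """Flag a source that fails logons for at least `min_accounts` distinct
    accounts inside `window`. Returns one finding per offending source, with
    the context a raw 4625 stream does not carry."""
    by_src = defaultdict(list)
    for ev in events:
        if ev["id"] == 4625:
            by_src[ev["src"]].append(ev)

    findings = []
    for src, failures in by_src.items():
        failures.sort(key=_ts)
        start = 0
        for end in range(len(failures)):
            # Slide the window so it never spans more than `window` of failures.
            while _ts(failures[end]) - _ts(failures[start]) > window:
                start += 1
            burst = failures[start:end + 1]
            accounts = {e["user"] for e in burst}
            if len(accounts) < min_accounts:
                continue
            burst_end = _ts(burst[-1])
            # Context enrichment: a success from the same source for one of the
            # targeted accounts after the burst is the case needing fastest response.
            successes = [e for e in events if e["id"] == 4624 and e["src"] == src
                         and e["user"] in accounts and _ts(e) >= burst_end]
            findings.append({
                "src": src,
                "accounts": sorted(accounts),
                "privileged_targets": sorted(accounts & PRIVILEGED_ACCOUNTS),
                "success_after_burst": sorted({e["user"] for e in successes}),
                "window_start": burst[0]["ts"],
                "window_end": burst[-1]["ts"],
            })
            break  # one finding per source is enough for this illustration
    return findings


if __name__ == "__main__":
    for finding in detect_password_spray(EVENTS):
        print(finding)
```

With the constructed events, the script produces a single finding for 10.0.0.99: five accounts failed inside two minutes, one of them privileged, and that privileged account then logged on successfully from the same source. The two failures from 10.0.0.50 never become a finding, which is the noise reduction the slide is asking for; the thresholds are deliberately parameters, since the right window and account count depend on the size of the directory and on how the source addresses are normalised.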
StealthINTERCEPT® for IBM Security QRadar SIEM
Real-Time Security Intelligence for Active Directory & Unstructured Data
[Diagram: StealthINTERCEPT (Detect, Protect, Control) feeds Intel into QRadar (Data, Apps, Secure)]
•  Detect all changes, access activities, and authentication traffic
•  Protect against unauthorized changes
•  Control through granular policies
•  Real-time Security Intelligence to QRadar
*No reliance on native logging
Active Directory Security Intelligence
Authentication-based Attack Detection | Critical Change Detection & Prevention
Unstructured Data Security Intelligence
Windows & NAS File System Activity | Attacks, Changes, and Deletions
Coming Soon!
Questions & Answers
Learn more about IBM Security
V2015-11-23
•  133 countries where IBM delivers managed security services
•  25 industry analyst reports rank IBM Security as a LEADER
•  No. 1 enterprise security vendor in total revenue
•  12K+ clients protected, including 90% of the Fortune 100 companies
Join IBM X-Force Exchange: xforce.ibmcloud.com
Visit our website: ibm.com/security
Watch our videos on YouTube: IBM Security Channel
Read new blog posts: SecurityIntelligence.com
Follow us on Twitter: @ibmsecurity
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or
both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on
others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM
systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE
IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOU
www.ibm.com/security

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 

IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microsoft Systems

  • 1. © 2015 IBM Corporation. IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microsoft Systems. Russell Warren, Program Manager, Technology Alliances, IBM Security; Adam Laub, SVP Product Marketing, STEALTHbits; Mike Jawetz, Senior Solutions Architect, iSIGHT Partners.
  • 2. Meet our speakers! Mike Jawetz, Senior Solutions Architect, iSIGHT Partners. Adam Laub, Senior VP, Product Marketing, STEALTHbits Technologies, Inc.
  • 3. Criminals create and share easy-to-use, sophisticated, powerful weapons. Criminals are organized and collaborate on a global scale. Contributing factors: Increasing Complexity; Unpatched Vulnerabilities; User Negligence; Resource Constraints.
  • 4. Security teams need to build a collaborative defense strategy. Integrated security solutions: break down silos with integrated security controls. Intelligence sharing: share real-time threat intelligence. Capability sharing: share security intelligence workflows, use cases and analytics.
  • 5. IBM Security continues investments to foster collaborative defense. Integrated security solutions (break down silos with integrated security controls): IBM Threat Protection System, May 5, 2014. Intelligence sharing (share real-time threat intelligence): IBM X-Force Exchange, April 16, 2015. Capability sharing (share security intelligence workflows, use cases and analytics): IBM Security App Exchange, December 8, 2015.
  • 6. The IBM Security App Exchange and App Framework enable delivery of integrated solutions. The IBM Security App Exchange is a platform for security teams to engage in collaborative defense efforts against cyberattacks. The open QRadar Extension Framework API enables QRadar extensions and applications.
  • 7. A platform for security collaboration: enables rapid innovation to deliver new apps and content for IBM Security solutions. IBM Security App Exchange: single platform for collaboration; access to partner innovations; validated security apps; fast extensions to security functionality.
  • 8. Extend existing capabilities using easy-to-access security apps: full ‘app’ description and overview; screenshots; simple registration; extensive community feedback; easy download.
  • 9. QRadar API Components. The QRadar App Framework underlies development and sharing. NEW: open APIs for rapid innovation and creation. Cybersecurity use cases: Insider Threats, Internet of Things, Incident Response. Benefits: more flexibility and less complexity; economic and operational benefit; seamlessly integrated workflow; bundled components support new use cases.
  • 10. Certification Timeline (secure content validated against set IBM criteria).
    - Nominate (Week 1): Log into IBM Security App Exchange Technical Community with your IBM ID. Submit the Validation Document and required documentation. Package is reviewed by PartnerWorld Validation Lab. Feedback, approval and access to QRadar DeveloperWorks is granted.
    - Validate (Week 2): Access the Security App Exchange Tutorial and SDK through QRadar DeveloperWorks. Submit app and relevant app documentation through IBM Security App Exchange Technical Community. App reviewed by IBM QRadar to ensure solution is free of security exposures and performance inhibitors. Feedback. Approval.
    - Publish (Week 3): App posted in IBM Security App Exchange. App posted in IBM PartnerWorld Ready for Security Intelligence Catalog. BP is issued IBM Ready for Security Intelligence Mark.
  • 11. Easy Download and Install. Step 1: Visit IBM Security App Exchange at http://apps.xforce.ibmcloud.com. Step 2: Select & download your extension. Step 3: Click to “Accept Terms and Conditions”. Step 4: Use IBM Security QRadar Extensions Management Tool to install and manage.
  • 12. Join the era of Collaborative Defense: team up against the bad guys and change the economics of cybercrime; participate in the first ever dedicated forum for sharing technologies built around IBM Security solutions; find, develop and share code, insights, best practices; feel confident these extensions will not impact the stability of your environment. http://www.ibm.com/security/engage/app-exchange/
  • 13. iSIGHT Partners. Mike Jawetz, Senior Solutions Architect.
  • 14. ThreatScape App.
  • 15. But first, who is iSIGHT Partners? 300+ experts, 18 countries, 29 languages. Global reach. Adversary-focused intelligence. Proven intelligence methodology: Research – identify threats, groups; determine/capture motivation & intent. Analytics – fuse knowledge across methods, campaigns, affiliations, historical context. Dissemination – deliver high fidelity, high impact, contextual, actionable insights. ThreatScape Products. Copyright © 2016, FireEye, Inc. All rights reserved.
  • 16. Intelligence Led Security: adversary focus; methods, motives & capabilities; earlier in the “Kill Chain”.
  • 17. ThreatScape App Goal: facilitate the delivery of iSIGHT indicators to our customers' QRadar instances. Once consumed, indicators are treated as reference sets and can be used in search, correlation, reporting, and visualization workflows in the same manner as other data.
  • 18. Indicators of Compromise (IoC) into QRadar: delivery via API… authenticated with keys… purchased through subscription.
  • 19. iSIGHT Recommended Rules.
  • 20. iSIGHT Recommended Building Blocks.
  • 21. When a violation occurs, an offense is raised.
  • 22. Offenses.
  • 23. Offense – details.
  • 24. ThreatScape App Right-Click.
  • 25. ThreatScape App.
  • 26. Summary. IBM QRadar pulls IoC data through scheduled API calls to iSIGHT. Using rules & building blocks, QRadar correlates with ingested logs (passiveDNS, FW, etc.). When a violation is detected, an offense is raised. Right-click on the indicator to pull up the portal for full context. What kind of intel do you now have to work with?
    - This is a cyber espionage attack (not hacktivism, not crime, etc.) – helps prioritize response.
    - Launched by Fallout Team and has capabilities to operate and collect information from air-gapped systems – scope.
    - Social engineering component to the attack – education must be part of the response.
    - Dynamic component to files containing C&C information – evasion techniques in play for the IR team.
    - Malware checks if running in a known sandbox – may require a physical test environment.
    - Which IoCs are attributed directly to the attacker and which are just part of the detonated malware's actions (related) – shrink the problem.
  • 27. Thank You. + Intelligence Led Security (A Company)
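The indicator-to-offense flow summarised on slide 26, modelled in Python as an added example (not iSIGHT's or IBM's code): a feed pull is loaded into per-type reference sets, constructed firewall and passive DNS lines are correlated against them, and each hit becomes an offense whose priority uses the threat-type and attacker-vs-related context the slide describes. The log formats, field names, priority scheme and all indicator values are constructed assumptions.

```python
from __future__ import annotations
import ipaddress
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Indicator:
    value: str
    kind: str          # "ip" or "domain"
    threat_type: str   # e.g. "cyber espionage" (helps prioritise response)
    actor: str         # attributed group
    relation: str      # "attacker" (directly attributed) or "related" (detonation artefact)

def normalize(kind: str, value: str) -> str | None:
    """Canonicalise an indicator value for reference-set lookup; None if malformed."""
    value = value.strip().lower()
    if kind == "ip":
        try:
            return str(ipaddress.ip_address(value))
        except ValueError:
            return None
    if kind == "domain":
        return value.rstrip(".") or None
    return None

def load_feed(feed: list[dict]) -> dict[str, dict[str, Indicator]]:
    """One scheduled feed pull -> per-type reference sets; malformed entries are dropped."""
    refsets: dict[str, dict[str, Indicator]] = {"ip": {}, "domain": {}}
    for e in feed:
        canon = normalize(e["kind"], e["value"])
        if canon is not None:
            refsets[e["kind"]][canon] = Indicator(canon, e["kind"], e["threat_type"], e["actor"], e["relation"])
    return refsets

FIELD_RE = re.compile(r"(\w+)=(\S+)")
# Which key=value fields of the constructed log formats carry which indicator type.
FIELD_KINDS = {"src": "ip", "dst": "ip", "answer": "ip", "query": "domain"}

def priority_for(ind: Indicator) -> int:
    base = 1 if ind.threat_type == "cyber espionage" else 2  # espionage: respond first
    return base if ind.relation == "attacker" else base + 2  # detonation artefacts rank lower

def correlate(lines: list[str], refsets: dict[str, dict[str, Indicator]]) -> list[tuple[int, str, Indicator]]:
    """Rule: a log field whose canonical value is in the matching reference set raises an offense."""
    offenses = []
    for line in lines:
        source, _, body = line.partition(" ")
        for fieldname, raw in FIELD_RE.findall(body):
            kind = FIELD_KINDS.get(fieldname)
            canon = normalize(kind, raw) if kind else None
            hit = refsets[kind].get(canon) if canon else None
            if hit:
                offenses.append((priority_for(hit), source, hit))
    return sorted(offenses, key=lambda o: o[0])  # stable sort keeps log order within a priority

# Constructed sample feed pull and log lines (documentation addresses, not real indicators).
FEED = [
    {"kind": "ip", "value": "203.0.113.7", "threat_type": "cyber espionage", "actor": "Fallout Team", "relation": "attacker"},
    {"kind": "domain", "value": "Update.Example-Bad.TEST.", "threat_type": "cyber espionage", "actor": "Fallout Team", "relation": "attacker"},
    {"kind": "ip", "value": "198.51.100.20", "threat_type": "cyber espionage", "actor": "Fallout Team", "relation": "related"},
    {"kind": "ip", "value": "not-an-ip", "threat_type": "crime", "actor": "unknown", "relation": "attacker"},  # dropped
]
LOGS = [
    "fw action=ALLOW src=10.0.0.5 dst=203.0.113.7 dport=443",
    "pdns query=Update.Example-Bad.TEST answer=203.0.113.7",
    "fw action=ALLOW src=10.0.0.9 dst=198.51.100.20 dport=80",
]
if __name__ == "__main__":
    for prio, src, ind in correlate(LOGS, load_feed(FEED)):
        print(f"P{prio} [{src}] {ind.kind}={ind.value} actor={ind.actor} ({ind.relation})")
```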
  • 28. Partners on board! STEALTHbits Technologies: Adam Laub, SVP Product Marketing.
  • 29. STEALTHbits Technologies – StealthINTERCEPT® for QRadar: Real-Time Security Intelligence for Active Directory & Unstructured Data.
    - STEALTHbits Technologies: data security software company; specialization in access governance and monitoring of unstructured data (e.g. file shares, SharePoint, etc.) and Active Directory; 2015 Beacon Award Winner.
    - Visibility gap: Active Directory; Windows file servers; NAS devices (NetApp, EMC, Hitachi).
    - An alternative approach: bypass native logging; inject context; pre-analyze behavior patterns; block unauthorized access and changes.
  • 30. Visibility Gap. Once past the perimeter, things get a little fuzzy for the SIEM: What are accounts actually authenticating to? What are they doing when they get there? What files did they access? What are they doing to the data?
  • 31. Not All Logs Are Created Equal. SIEM can’t connect the dots if the dots don’t exist.
    - Certain native security logs (e.g. Active Directory) lack actionable intelligence: missing critical data; lack centralized controls; noisy; lack context.
    - Native security controls can be circumvented: you can’t control your most privileged accounts; even hardened assets are still vulnerable and susceptible to compromise and attack.
  • 32. StealthINTERCEPT® for IBM Security QRadar SIEM: Real-Time Security Intelligence for Active Directory & Unstructured Data. Detect all changes, access activities, and authentication traffic. Protect against unauthorized changes. Control through granular policies. Real-time security intelligence to QRadar (*no reliance on native logging). Diagram: StealthINTERCEPT (DETECT, PROTECT, CONTROL, INTEL) feeding QRadar; Data, Apps, Secure.
  • 33. Active Directory Security Intelligence: authentication-based attack detection | critical change detection & prevention.
  • 34. Unstructured Data Security Intelligence: Windows & NAS file system activity | attacks, changes, and deletions. Coming soon!
  • 35. Questions & Answers.
  • 36. Learn more about IBM Security (V2015-11-23). 133 countries where IBM delivers managed security services. 25 industry analyst reports rank IBM Security as a LEADER. No. 1 enterprise security vendor in total revenue. 12K+ clients protected, including 90% of the Fortune 100 companies. Join IBM X-Force Exchange: xforce.ibmcloud.com. Visit our website: ibm.com/security. Watch our videos on YouTube: IBM Security Channel. Read new blog posts: SecurityIntelligence.com. Follow us on Twitter: @ibmsecurity.
  • 37. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. 
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security