Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson

•

0 likes•258 views

The document discusses implementing a security analytics platform to enable a proactive, risk-based approach to cybersecurity. It notes challenges with current point solutions that make holistic risk management difficult. The presentation argues that a unified analytics platform is needed to integrate data from multiple security tools and facilitate deeper insights through techniques like threat hunting. It presents SAS Institute's security analytics platform as a solution to transition organizations from reactive to proactive security management through multi-dimensional, data-driven insights.

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Incidents, Indicators, Insights
Risk Based Mitigation Through Security Analytics Platform
Keith Swanson, Regional Director, Fraud, Financial Crimes &
Security Intelligence
SAS Institute

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Risk Based Approach to Security
CyberKill Chain
Recon Weaponize Exploitation Installation
Command &
Control
Actions on
Objective
IoAs:
Detect & Analyze
IoCs:
Contain,Eradicate, Recover

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Difficulty
Actioning
IoAs
!
Proliferationof point
analytics solutions
impeding holistic risk-
based approach
Inability toproactively
leverage dataassets in
a meaningful way
Identificationof more events without full
context todrive action
Analytics focusedsolely
on detectionvs.
acceleratingresponse
Lack of technology
integrationforcing
reactive posture

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Productivity PlatformOperational Platform
E P P
E D R
F W
D L P
W e b / Em a i l
G a t e way s
I A M
The Underlying Cause
A VI D S
I P S
U B A
R i sk
M g t .
I n v e st i g at i o n
S I EM
T i c ke t i n gO r c h e st ra t i o n

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Everyone’s Talking
About Analytics
Source: Panemon InstituteSurvey, 2017

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Operational Platform
E P P
E D R
F W
D L P
W e b / Em a i l
G a t e way s
I A M
Change Is Needed!
A VI D S
I P S
Analytics Platform
U B A
Productivity Platform
R i sk
M g t .
I n v e st i g at i o n
S I EM
T i c ke t i n gO r c h e st ra t i o n

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Everyone’s Trying
Analytics

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Is Analytics the Answer?
Unifying platform & approach across security
analytics required
• End-to-endsuiteof analyticscapabilities
• Providesfoundationof capabilityfor deeper insightsfromdata
• Facilitatesthreathunting
• Governed & managedprocesses
• Clearly defined roles & standards
• Feedbackloop

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Enterprise Strategy Group: SOAPA

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Transitioning from Reactive to Proactive Security Management
Multi-Dimensional,Data-Driven Insights
• Data enriched prior to detection
• Behavior simultaneously monitored across
key dimensions (triangulation)
• Context derived to streamlineand optimize
response
• Analytics extended to driveautomation
Threat
App IAM
EndpointNetwork

Com pa ny Conf ide nt ial – For Int er na l Use O nly
Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d.
Analytic Layer Foundation
Analytics Platform
Security Threat
Detection
Analytic
Management
Automation &
Collaboration
Deployed data ingest models & detection
analytics, supported by Triage / Investigation
End-to-end analytic lifecycle management
Enterprise risk visualization & analytics deployed
for driving efficiency in operational functions
Data Management – Discovery – Deployment

Santosh Tiwari, Analytics Expert, SAS presented on the topic "Data Driven Business" at IDG CIO Summit 8-9 Feb 2018, in which he talked about modern, open platform Viya built for analytics innovation, and shared a vision on how the future of analytics looks like. During this session, he also emphasized on Artificial Intelligence & Machine Learning to build automated agile analytics platforms for customer engagement and business decisions.

Trends in AML Compliance and Technology

SAS Institute India Pvt. Ltd

Continuous cyber attacks: Building the next-gen infrastructure

Accenture Operations

Intelligent Infrastructures: Unlocking the Digital Business

accenture

Accenture High Performance Security Report 2016 for Insurance

Accenture Insurance

Technology Factor: Accelerating Your Journey to As a Service

accenture

The State of Cybersecurity and Digital Trust 2016

Accenture Operations

Cloud in the Boardroom

Accenture Operations

Accenture Finds that Vast Majority of Companies are Embracing the Journey to the Cloud but Alignment to Business Strategy Lags Accenture’s “Cloud in the Boardroom” study found that although there’s a significant uptick in cloud adoption at the enterprise level, companies are missing the full benefit of their cloud adoptions by not factoring their IT implementations into their overall business strategy. Accenture conducted an online survey, fielded between January and February of 2016, of 1,879 C-level executives of companies across 15 industries in 13 countries. Some key findings include: - More than 95 percent of respondents have a five-year cloud strategy already in place, however only 38 percent have aligned these plans with overarching business goals. - Four of five executives reported that less than half of their business functions are currently operated in public cloud, but noted increasing intent on moving more of their operations to the cloud in the coming years. - 89 percent of respondents agree that implementing cloud strategies is a competitive advantage which allows their companies to leverage innovation through agility. - While half of respondents cite security as their biggest concern with the public model, more than 80 percent believe public cloud security is more robust and transparent than what they’re able to provide in-house. “Our research confirms that enterprise clients are overwhelmingly recognizing the value of a Cloud First agenda—leveraging the cloud to bring applications, infrastructure and business processes together and be delivered as-a-Service—as a driver of digital innovation, and they are upfront about the guidance they need in order to move even faster on their journey to the cloud,” said Jack Sepple, senior managing director, Accenture Cloud and Accenture Operations group technology officer. “By taking steps to align their cloud and business strategies and to involve IT more directly in cloud decision-making, companies will be better positioned on their journey to the cloud as the as-a-Service economy matures.”

Banks and other financial services firms need to recognize the threats of cyber risk in a different way. Many have put in place thick walls to protect themselves. But firms cannot be protected at all times from a cyber-related incident. So putting in place structures, technologies and processes to ensure resilience—or fast recovery—is as much or more important than simply putting more locks on the doors or building stronger walls. See www.accenture.com/CyberRisk for more.

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...

Accenture Technology

Agricultural Chemicals 2016 Supply Chain Benchmarking Study

accenture

Accenture Regulatory Compliance Platform

accenture

For financial services businesses managing ongoing compliance challenges, active compliance may be a solution. Accenture’s Regulatory Compliance Platform (ARCP) helps businesses maximize their compliance efforts through an active compliance approach. See how the ARCP provides an integrated, responsive, scalable platform that supports a client’s individual business and capabilities needs. Visit http://bit.ly/1oh2KJ2 for more information.

Accenture's 2017 Technology Vision for Insurance

Accenture Insurance

The biggest innovations in insurance over the next three years will not be in the technology tools themselves, but in how we design them with customers, agents, employees and other human partners in mind. The digital revolution today is an age of human empowerment: Rapid advances have created a people-centric technology environment, where the power lies with people to shape technology as they see fit. Accenture's Technology Vision for Insurance 2017 takes an annual look across the insurance landscape to identify emerging technology trends that hold the greatest potential to disrupt businesses, industries and people.

A new frontier for technology: Nimble innovation for growth

accenture

CIOs are struggling to deliver timely, incremental value at a reasonable cost and lack the budget, people or time to take the business in a new direction. An innovation mind-set shift needs to take place focused on three factors: 1.) Take time-bound, incremental steps to meet business objectives 2.) Establish a culture and ecosystem for innovation 3.) Extend the funding beyond traditional IT boundaries Learn more: http://www.accenture.com/nimbleinnovation

The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...

accenture

Digital Technology in Mining: Progress and Opportunity

accenture

FusionX & Accenture: One Global Security Team

accenture

Harnessing the Power of Entrepreneurs to Open Innovation

Accenture Operations

Entrepreneurs and startups are crucial to economic growth and job creation. Yet despite the mythology that has built up around the disruptive power of startups, the overwhelming majority need to leverage the market presence and scale of larger, established enterprises if they are to be truly successful. Meanwhile, large companies are feeling pressure to innovate and become more entrepreneurial, yet find their culture and structures getting in the way. Large companies and entrepreneurs need to collaborate more effectively and take a journey towards more Open Innovation. But how? This Accenture presentation was made to the G20 Young Entrepreneurs Alliance Summit, Istanbul, Turkey on September 8, 2015.

Security Technology Vision 2016

Accenture Technology

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...

Accenture Technology

Intelligent Automation - 3 Lessons Learned

Accenture Technology

Outside the (Black) Box: Protecting Core Operations in Energy

accenture

In a recent survey, Accenture Security learned that a majority of oil and gas company leaders, 74 percent, said their organization is confident that cybersecurity measures will yield valuable results. And yet, 60 percent of respondents said that cyber attacks are still a bit of a black box. If they are to protect their core operations from increasing cybersecurity threats, oil and gas companies must realign their cybersecurity strategies, particularly when it comes to industrial control system and operational technology environments.

Accenture High Performance Security Report 2016 For Communications

accenture

Aujas_Gartner_Dubai_v1_Nov15Sameer Shelke

Day-3, Mr. Satyajit Dwivedi analytics for decision making

IPPAI

The SAS® Platform

SAS Italy

Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...

Splunk

What's hot

The cyber security leap: From laggard to leader

Accenture Australia

Security Technology Vision 2016

Melissa Gilpin

Collective Ingenuity against Cyber Attacks

Accenture Operations

How to Make Your Enterprise Cyber Resilient

Accenture Operations

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...

Accenture Technology

Agricultural Chemicals 2016 Supply Chain Benchmarking Study

accenture

Accenture Regulatory Compliance Platform

accenture

Accenture's 2017 Technology Vision for Insurance

Accenture Insurance

A new frontier for technology: Nimble innovation for growth

accenture

The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...

accenture

Digital Technology in Mining: Progress and Opportunity

accenture

FusionX & Accenture: One Global Security Team

accenture

Harnessing the Power of Entrepreneurs to Open Innovation

Accenture Operations

Security Technology Vision 2016

Accenture Technology

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...

Accenture Technology

Intelligent Automation - 3 Lessons Learned

Accenture Technology

Outside the (Black) Box: Protecting Core Operations in Energy

accenture

Accenture High Performance Security Report 2016 For Communications

accenture

Aujas_Gartner_Dubai_v1_Nov15Sameer Shelke

Day-3, Mr. Satyajit Dwivedi analytics for decision making

IPPAI

What's hot (20)

The cyber security leap: From laggard to leader

Security Technology Vision 2016

Collective Ingenuity against Cyber Attacks

How to Make Your Enterprise Cyber Resilient

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...

Agricultural Chemicals 2016 Supply Chain Benchmarking Study

Accenture Regulatory Compliance Platform

Accenture's 2017 Technology Vision for Insurance

A new frontier for technology: Nimble innovation for growth

The New Energy Consumer: What Promises Do Blockchain Technologies Offer Energ...

Digital Technology in Mining: Progress and Opportunity

FusionX & Accenture: One Global Security Team

Harnessing the Power of Entrepreneurs to Open Innovation

Security Technology Vision 2016

For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...

Intelligent Automation - 3 Lessons Learned

Outside the (Black) Box: Protecting Core Operations in Energy

Accenture High Performance Security Report 2016 For Communications

Aujas_Gartner_Dubai_v1_Nov15

Day-3, Mr. Satyajit Dwivedi analytics for decision making

Similar to Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson

The SAS® Platform

SAS Italy

Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...

Splunk

The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018

Splunk

Security and Automation: Can they work together? Can we survive if they don't?

Trish McGinity, CCSK

Using Machine Learning and Analytics to Hunt for Security Threats - Webinar

Splunk

SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...

Splunk

Ensuring Maximum Quality in the Era of IoT and Wearables

Josiah Renaudin

Until recently, the Internet of Things (IoT) was just an idea that techies talked about. Unlike innovations in the past, development and testing of the IoT is significantly more elaborate. After introducing the technology of wearables and IoT, Gauri Arondekar delves into the components and architectures that make it work. Focusing on tools and solutions that accelerate the testing processes, Gauri shares the success story of an end-to-end testing strategy for a leading provider of digital fitness solutions. Gauri describes how her team helped Peloton Cycle ensure an uninterrupted and seamless user experience. The Peloton bike, as part of an IoT ecosystem, required a new testing strategy to achieve the required quality. Automated tests became fundamental to the project, which also required a rapid, comprehensive study of technologies along with out-of-the-box test methodologies to simulate a user’s fitness session. In the course of the project, the team reduced testing cycles from one-to-two weeks to two-to-three days and developed comprehensive test automation for a native app on a custom tablet. Join Gauri as she describes the journey to deliver an IoT test strategy and the challenges they tackled along the way.

SAS Data Management for Analytics: potenzia le tue analisi e sostieni l’innov...

SAS Italy

Ora più che mai le analisi di alta qualità richiedono dati di alta qualità! Con il crescente uso di molteplici e nuove fonti, come Hadoop e l'Internet of Things, i dati che fungono da combustibile per gli Analytics stanno seguendo una spirale ascendente in termini di varietà, volume e complessità nel mondo dei Big Data. Questa presentazione ti aiuterà a capire come la soluzione SAS Data Management può supportarti a migliorare la qualità dei tuoi dati e a ridurne i tempi di preparazione.

Splunk Discovery Day Dubai 2017 - Security Keynote

Splunk

Splunk for Enterprise Security featuring User Behavior Analytics

Splunk

This session will review Splunk’s two premium solutions - Splunk Enterprise Security (ES) is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams.

Securing Your Digital Transformation: Cybersecurity and You

SAP Ariba

The digital transformation journey supported by SAP enables our customers to increase business agility, pursue innovation, and demonstrate growth. Cybersecurity is essential to a successful digital transformation and continues to be even more critical as our integrated suite of SAP Ariba solutions drives technologies to promote connected commerce. Join us in this engrossing session as we outline critical steps to securing your organization’s digital transformation.

SplunkLive! Paris 2018: Splunk And AI 101

Splunk

Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'

Splunk

HPE AIOps Expo

Katherine Fritsch

Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk

Splunk

Asset Performance Management in Oil and Gas Industry

Arrelic

AWS Summit Singapore 2019 | Building Business Outcomes with Machine Learning ...

Amazon Web Services

Speaker: Barnam Bora, Head of AI/ML, APAC, AWS Customer Speaker: Guangda Li, Co-founder & CTO, ViSenze Note: This is part 2 of the deck. WS offers different paths for building and deploying scalable ML solutions. This session provides an insight to how AWS customers are building intelligent systems powered by AI and ML. Learn how these services, in conjunction with the large number of complementary AWS technologies, provide a great platform for our customers to build their own AI and ML powered solutions and drive business value. Towards the latter part of this session, hear how customers are deploying their ML on AWS and can now leverage Marketplace to monetise their models.

SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI

Splunk

SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI

Splunk

Hedge Fund case study solution - Credit default swaps execution system and Gr...

Naveen Kumar

Similar to Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson (20)

The SAS® Platform

Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...

The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018

Security and Automation: Can they work together? Can we survive if they don't?

Using Machine Learning and Analytics to Hunt for Security Threats - Webinar

SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...

Ensuring Maximum Quality in the Era of IoT and Wearables

SAS Data Management for Analytics: potenzia le tue analisi e sostieni l’innov...

Splunk Discovery Day Dubai 2017 - Security Keynote

Splunk for Enterprise Security featuring User Behavior Analytics

Securing Your Digital Transformation: Cybersecurity and You

SplunkLive! Paris 2018: Splunk And AI 101

Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'

HPE AIOps Expo

Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk

Asset Performance Management in Oil and Gas Industry

AWS Summit Singapore 2019 | Building Business Outcomes with Machine Learning ...

SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI

SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI

Hedge Fund case study solution - Credit default swaps execution system and Gr...

Recently uploaded

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI

Vladimir Iglovikov, Ph.D.

Presented by Vladimir Iglovikov: - https://www.linkedin.com/in/iglovikov/ - https://x.com/viglovikov - https://www.instagram.com/ternaus/ This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation. Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners. This case study covers various aspects, including: People: The contributors and community that have supported Albumentations. Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions. Challenges: The hurdles in monetizing open-source projects and measuring user engagement. Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration. Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community. Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations. Mental Health: Maintaining balance and not feeling pressured by user demands. Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth. Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects. Explore more about Albumentations and join the community at: GitHub: https://github.com/albumentations-team/albumentations Website: https://albumentations.ai/ LinkedIn: https://www.linkedin.com/company/100504475 Twitter: https://x.com/albumentations

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

Alex Pruden

This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second). Paper: https://eprint.iacr.org/2023/1886

みなさんこんにちはこれ何文字まで入るの？40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの？えこ...

名前です男

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

National Security Agency - NSA mobile device best practices

Quotidiano Piemontese

By Design, not by Accident - Agile Venture Bolzano 2024

Pierluigi Pugliese

Video Streaming: Then, Now, and in the Future

Alpen-Adria-Universität

In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

UiPath Test Automation using UiPath Test Suite series, part 5

DianaGray10

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

RESUME BUILDER APPLICATION Project for students

KAMESHS29

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024

Neo4j

Recently uploaded (20)

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI

How to Get CNIC Information System with Paksim Ga.pptx

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

PCI PIN Basics Webinar from the Controlcase Team

National Security Agency - NSA mobile device best practices

By Design, not by Accident - Agile Venture Bolzano 2024

Video Streaming: Then, Now, and in the Future

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Generative AI Deep Dive: Advancing from Proof of Concept to Production

UiPath Test Automation using UiPath Test Suite series, part 5

Monitoring Java Application Security with JDK Tools and JFR Events

Elizabeth Buie - Older adults: Are we really designing for our future selves?

A tale of scale & speed: How the US Navy is enabling software delivery from l...

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

RESUME BUILDER APPLICATION Project for students

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024

Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson

1. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Incidents, Indicators, Insights Risk Based Mitigation Through Security Analytics Platform Keith Swanson, Regional Director, Fraud, Financial Crimes & Security Intelligence SAS Institute

2. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Risk Based Approach to Security CyberKill Chain Recon Weaponize Exploitation Installation Command & Control Actions on Objective IoAs: Detect & Analyze IoCs: Contain,Eradicate, Recover

3. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Difficulty Actioning IoAs ! Proliferationof point analytics solutions impeding holistic risk- based approach Inability toproactively leverage dataassets in a meaningful way Identificationof more events without full context todrive action Analytics focusedsolely on detectionvs. acceleratingresponse Lack of technology integrationforcing reactive posture

4. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Productivity PlatformOperational Platform E P P E D R F W D L P W e b / Em a i l G a t e way s I A M The Underlying Cause A VI D S I P S U B A R i sk M g t . I n v e st i g at i o n S I EM T i c ke t i n gO r c h e st ra t i o n

5. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Everyone’s Talking About Analytics Source: Panemon InstituteSurvey, 2017

6. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Operational Platform E P P E D R F W D L P W e b / Em a i l G a t e way s I A M Change Is Needed! A VI D S I P S Analytics Platform U B A Productivity Platform R i sk M g t . I n v e st i g at i o n S I EM T i c ke t i n gO r c h e st ra t i o n

7. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Everyone’s Trying Analytics

8. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Is Analytics the Answer? Unifying platform & approach across security analytics required • End-to-endsuiteof analyticscapabilities • Providesfoundationof capabilityfor deeper insightsfromdata • Facilitatesthreathunting • Governed & managedprocesses • Clearly defined roles & standards • Feedbackloop

9. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Operational Platform E P P E D R F W D L P W e b / Em a i l G a t e way s I A M Change Is Needed! A VI D S I P S Analytics Platform U B A Productivity Platform R i sk M g t . I n v e st i g at i o n S I EM T i c ke t i n gO r c h e st ra t i o n

10. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Enterprise Strategy Group: SOAPA

11. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Transitioning from Reactive to Proactive Security Management Multi-Dimensional,Data-Driven Insights • Data enriched prior to detection • Behavior simultaneously monitored across key dimensions (triangulation) • Context derived to streamlineand optimize response • Analytics extended to driveautomation Threat App IAM EndpointNetwork

12. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Operational Platform E P P E D R F W D L P W e b / Em a i l G a t e way s I A M Analytic Layer Foundation A VI D S I P S Analytics Platform U B A Productivity Platform R i sk M g t . I n v e st i g at i o n S I EM T i c ke t i n gO r c h e st ra t i o n D a t a D i sc o ve r D e p l o y Security Threat Detection Analytic Management Automation& Collaboration

13. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Analytic Layer Foundation Analytics Platform Security Threat Detection Analytic Management Automation & Collaboration Deployed data ingest models & detection analytics, supported by Triage / Investigation End-to-end analytic lifecycle management Enterprise risk visualization & analytics deployed for driving efficiency in operational functions Data Management – Discovery – Deployment

14. Com pa ny Conf ide nt ial – For Int er na l Use O nly Copy r ig ht © S AS Inst itut e Inc. All r ig hts r e se r ve d. Operational Platform E P P E D R F W D L P W e b / Em a i l G a t e way s I A M Sample of Analytic Techniques A VI D S I P S Analytics Platform U B A Productivity Platform R i sk M g t . I n v e st i g at i o n S I EM T i c ke t i n gO r c h e st ra t i o n Comparison Analytics (Analytic Measures) Temporal Analytics (Entropy of Analytic Measures) Implicit Models (Signatures, Complex Rules) Specialized Models (Threat Typology) Unsupervised Models Supervised Models D a t a D i sc o ve r D e p l o y

Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson

Similar to Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson (20)

More from SAS Institute India Pvt. Ltd

More from SAS Institute India Pvt. Ltd (20)

Recently uploaded

Recently uploaded (20)

Incidents, Indicators, Insights – the emergence of the Security Analytics Platform - IBA - SAS Event presented by Keith Swanson