SlideShare a Scribd company logo

#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense

Micro Focus
Micro Focus

‘Data violators’ have outpaced data defenders. But security and identity analytics can level the playing field. Learn how identity, access and security disciplines can benefit from: Risk-based authentication Data exfiltration identification Malicious insider activity disruption Adaptive access certification Presenter: Adam Evans, Solutions Consulting

Technology
1 of 30
Download to read offline
Security & Identity Analytics How Security and Identity Analytics can Drive Adaptive Defence Adam Evans | Senior Identity & Access Specialist | 24th February 2016
Source: PwC 2016 Global State of Information Security Survey (Responses from 10,000 CxOs in 127 countries 30% from Europe. Error margin <1%) Hacking is Big Business… The average annual Monetary loss was $2.5m (£1.75m) per organisation
Finding the weak links – a full-time job • Social media • Link clickers • Weak passwords
Adapting to Controls
“Enterprises are having a difficult time hiring skilled people as it takes 53% of organisations between 3 and 6 months to fill a position and 10% cannot fill them at all.” Source: ISACA’s global survey, “The State of Cybersecurity: Implications for 2015” Meanwhile, as the threat evolves…
Provide the limited professionals we have with the best information for rapid decision making
Analytics applies algorithms or machine learning to the “advisor feeds” for specific use cases
At Micro Focus, we believe that Identity and Security Analytics holds the greatest hope of leveling the playing field with today’s dynamic threats
Identity Analytics Use Cases
“Identity Analytics and Intelligence (IAI) moves organisations toward a contextual, dynamic, risk-based approach to identity and access management.” Source: Gartner
Risk-Based Authentication • Use risk scoring to drive step-up authentication • Static risk scoring can be assigned to the entitlement, user, or application • Add dynamic risk at request such as time of day, geo location, IP address, or device • Results can be shared back into the analytics engine as an advisor feed
Bad Behavioral Analysis • Machine learning and anomaly detection based on identities • Give privileged users insight into unusual activity with their credentials • Identify unusual patterns of access, changes and data exfiltration • Detect use of privileged account “backdoors”
Excessive Credential Detection • Identify orphaned or rogue accounts based on login or peer group analysis – revoke accounts and save on SaaS licenses • Compare employees being paid by HR, or contracts to orphaned or rogue accounts
Adaptive Access Certifications • Request immediate access certification for high-risk transactions • Prioritise the highest risk entitlements for access certifications • Indicate dormant accounts or outlier access compared to peers • Reduce rubber-stamping and increase revocation rates
Risk-Based ID & Access Provisioning • Risk-informed access request and approval • Policy improvement suggestions for roles or SOD controls
Generally, identity analytics provides better decision- making information
Security Analytics Use Cases
Abnormal Sensitive File Access • Unusual time of day for the user • From a risky IP address, geographic location or unknown machine • With credentials that haven’t been used in a while
Abnormal Data Exfiltration • Large data sets • Data movement to USB drives or an unusual location
Abnormal File Changes • File replacement outside of change windows • Changes made by an abnormal user
Abnormal Password Resets • Brute force attempts at self-service password resets • Abnormal time, location or device for password resets
Generally, security analytics is looking for abnormal activity
Enforce Access Controls Monitor User Activity Identity-Powered Security Minimise Rights Analytics
The Micro Focus Approach An Integrated Identity, Access & Security Solution Access Management & Authentication Secure User Monitoring Identity Governance & Administration AnalyticsAnalytics
Identity Governance & Administration Enforcing the Least-Privilege Principle IGA Access Request Help-Desk Integration Access Review Privileged Identity Management Delegated Administration Business Policy SOD & Roles Identity Management Minimise Rights
Enforce Access Controls AMA Single Sign-On (Web, Cloud, Enterprise) BYOI BYOD Multi-Factor Authentication Federation Risk-Based Adaptive Authentication Access Management and Authentication A Secure Sign-on Experience
Monitor User Activity SUMLog & Event Correlation SIEM File Integrity Monitoring Configuration Assessment Anomaly Detection Privileged Session Recording Secure User Monitoring Analytics - Identify Abnormal
Benefits of an Analytics Approach… • Targeted information for more efficient and intelligent decision making • Reduced data sifting to more rapidly identify and eliminate threats • Reduced overall risk with existing personnel resources
Questions?
Thank You For Listening

Recommended

#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security
Micro Focus
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
Kurt Hagerman
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is Here
Lancope, Inc.
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
Ahmed Banafa
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
centralohioissa
 
LoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated CybersecurityLoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated Cybersecurity
Rohit Kapoor
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Ignyte Assurance Platform
 

Recommended

#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security#MFSummit2016 Secure: Introduction to identity, access and security
#MFSummit2016 Secure: Introduction to identity, access and security
Micro Focus
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
Kurt Hagerman
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is Here
Lancope, Inc.
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
Ahmed Banafa
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection FrameworkAlex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
centralohioissa
 
LoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated CybersecurityLoginCat - Zero Trust Integrated Cybersecurity
LoginCat - Zero Trust Integrated Cybersecurity
Rohit Kapoor
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Ignyte Assurance Platform
 
What is zero trust model of information security?
What is zero trust model of information security?What is zero trust model of information security?
What is zero trust model of information security?
Ahmed Banafa
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
Ernest Staats
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
Ahmed Banafa
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
Cam Fulton
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL
Rick Kingsley
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
Wolfgang Kandek
 
McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)
Trustmarque
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
North Texas Chapter of the ISSA
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
NetIQ
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
Omar Khawaja
 
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of EconomicsEnergy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
British Embassy Paris
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Blue Coat
 

More Related Content

What's hot

What is zero trust model of information security?
What is zero trust model of information security?What is zero trust model of information security?
What is zero trust model of information security?
Ahmed Banafa
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
Ernest Staats
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
Ahmed Banafa
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
Cam Fulton
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL
Rick Kingsley
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
Wolfgang Kandek
 
McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)
Trustmarque
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
North Texas Chapter of the ISSA
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
NetIQ
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
Omar Khawaja
 

What's hot (20)

What is zero trust model of information security?
What is zero trust model of information security?What is zero trust model of information security?
What is zero trust model of information security?
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
 
McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
 
Cloud security
Cloud securityCloud security
Cloud security
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
 

Viewers also liked

Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of EconomicsEnergy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
British Embassy Paris
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Blue Coat
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
MapR Technologies
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
Coastal Pet Products, Inc.
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
Nicolas Morales
 
Adaptive Enterprise Security Architecture
Adaptive Enterprise Security ArchitectureAdaptive Enterprise Security Architecture
Adaptive Enterprise Security Architecture
SABSAcourses
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
Aruba, a Hewlett Packard Enterprise company
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
DataWorks Summit/Hadoop Summit
 
Streamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWSStreamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWS
Amazon Web Services
 

Viewers also liked (10)

Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of EconomicsEnergy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
 
Adaptive Enterprise Security Architecture
Adaptive Enterprise Security ArchitectureAdaptive Enterprise Security Architecture
Adaptive Enterprise Security Architecture
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 
Streamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWSStreamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWS
 

Similar to #MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense

Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Fasoo
 
Cybersecurity in Shared Services Organizations
Cybersecurity in Shared Services OrganizationsCybersecurity in Shared Services Organizations
Cybersecurity in Shared Services Organizations
ScottMadden, Inc.
 
Microsoft Avanced Threat Analytics
Microsoft Avanced Threat AnalyticsMicrosoft Avanced Threat Analytics
Microsoft Avanced Threat Analytics
Adeo Security
 
Too much data and not enough analytics!
Too much data and not enough analytics!Too much data and not enough analytics!
Too much data and not enough analytics!
Emma Kelly
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing Vulnerability
AIS Network
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
ForgeRock
 
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
TI Safe
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
Resilient Systems
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
OnRamp
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Storage Switzerland
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
North Texas Chapter of the ISSA
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
Ernest Staats
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
Splunk
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
TheWalkerGroup1
 
Is Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson HelferIs Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson Helfer
MAX Technical Training
 
Logs in Security and Compliance flare
Logs in Security and Compliance flareLogs in Security and Compliance flare
Logs in Security and Compliance flare
zilberberg
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
JustinBrown267905
 
DataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the DayDataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the Day
Interset
 
Data exfiltration so many threats 2016
Data exfiltration so many threats 2016Data exfiltration so many threats 2016
Data exfiltration so many threats 2016
FitCEO, Inc. (FCI)
 

Similar to #MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense (20)

Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
 
Cybersecurity in Shared Services Organizations
Cybersecurity in Shared Services OrganizationsCybersecurity in Shared Services Organizations
Cybersecurity in Shared Services Organizations
 
Microsoft Avanced Threat Analytics
Microsoft Avanced Threat AnalyticsMicrosoft Avanced Threat Analytics
Microsoft Avanced Threat Analytics
 
Too much data and not enough analytics!
Too much data and not enough analytics!Too much data and not enough analytics!
Too much data and not enough analytics!
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing Vulnerability
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
 
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
 
Is Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson HelferIs Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson Helfer
 
Logs in Security and Compliance flare
Logs in Security and Compliance flareLogs in Security and Compliance flare
Logs in Security and Compliance flare
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
DataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the DayDataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the Day
 
Data exfiltration so many threats 2016
Data exfiltration so many threats 2016Data exfiltration so many threats 2016
Data exfiltration so many threats 2016
 

More from Micro Focus

North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum
Micro Focus
 
Tech Channel COBOL ebook
Tech Channel COBOL ebookTech Channel COBOL ebook
Tech Channel COBOL ebook
Micro Focus
 
Unlocking COBOL Business Value
Unlocking COBOL Business ValueUnlocking COBOL Business Value
Unlocking COBOL Business Value
Micro Focus
 
Quietly confident, enduringly competent - COBOL.
Quietly confident, enduringly competent - COBOL. Quietly confident, enduringly competent - COBOL.
Quietly confident, enduringly competent - COBOL.
Micro Focus
 
5 key capabilitie for a smart service desk solution infographic
5 key capabilitie for a smart service desk solution infographic5 key capabilitie for a smart service desk solution infographic
5 key capabilitie for a smart service desk solution infographic
Micro Focus
 
SAP Fortify by Micro Focus.
SAP Fortify by Micro Focus. SAP Fortify by Micro Focus.
SAP Fortify by Micro Focus.
Micro Focus
 
Digital Transformation pillars 2020
Digital Transformation pillars 2020Digital Transformation pillars 2020
Digital Transformation pillars 2020
Micro Focus
 
Whats new in Enterprise 5.0 Product Suite
Whats new in Enterprise 5.0 Product SuiteWhats new in Enterprise 5.0 Product Suite
Whats new in Enterprise 5.0 Product Suite
Micro Focus
 
Micro Focus Corporate Overview
Micro Focus Corporate OverviewMicro Focus Corporate Overview
Micro Focus Corporate Overview
Micro Focus
 
Why attend the application modernization & connectivity track at Micro Focus ...
Why attend the application modernization & connectivity track at Micro Focus ...Why attend the application modernization & connectivity track at Micro Focus ...
Why attend the application modernization & connectivity track at Micro Focus ...
Micro Focus
 
Micro Focus #DevDay50 - Atlanta
Micro Focus #DevDay50 - AtlantaMicro Focus #DevDay50 - Atlanta
Micro Focus #DevDay50 - Atlanta
Micro Focus
 
Growth of Internet Data - 2017
Growth of Internet Data - 2017Growth of Internet Data - 2017
Growth of Internet Data - 2017
Micro Focus
 
Easily Create Scalable Automation using Selenium
Easily Create Scalable Automation using SeleniumEasily Create Scalable Automation using Selenium
Easily Create Scalable Automation using Selenium
Micro Focus
 
The Journey to Mainframe DevOps
The Journey to Mainframe DevOpsThe Journey to Mainframe DevOps
The Journey to Mainframe DevOps
Micro Focus
 
Micro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus extend 10 and 10.1 with AcuToWebMicro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus
 
The COBOL Story by Wim Ebbinkhuijsen
The COBOL Story by Wim EbbinkhuijsenThe COBOL Story by Wim Ebbinkhuijsen
The COBOL Story by Wim Ebbinkhuijsen
Micro Focus
 
DevDay Copenhagen - Micro Focus overview and introduction
DevDay Copenhagen - Micro Focus overview and introductionDevDay Copenhagen - Micro Focus overview and introduction
DevDay Copenhagen - Micro Focus overview and introduction
Micro Focus
 
The DevOps Journey
The DevOps JourneyThe DevOps Journey
The DevOps Journey
Micro Focus
 
ACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and RoadmapACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and Roadmap
Micro Focus
 
#DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation #DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation
Micro Focus
 

More from Micro Focus (20)

North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum
 
Tech Channel COBOL ebook
Tech Channel COBOL ebookTech Channel COBOL ebook
Tech Channel COBOL ebook
 
Unlocking COBOL Business Value
Unlocking COBOL Business ValueUnlocking COBOL Business Value
Unlocking COBOL Business Value
 
Quietly confident, enduringly competent - COBOL.
Quietly confident, enduringly competent - COBOL. Quietly confident, enduringly competent - COBOL.
Quietly confident, enduringly competent - COBOL.
 
5 key capabilitie for a smart service desk solution infographic
5 key capabilitie for a smart service desk solution infographic5 key capabilitie for a smart service desk solution infographic
5 key capabilitie for a smart service desk solution infographic
 
SAP Fortify by Micro Focus.
SAP Fortify by Micro Focus. SAP Fortify by Micro Focus.
SAP Fortify by Micro Focus.
 
Digital Transformation pillars 2020
Digital Transformation pillars 2020Digital Transformation pillars 2020
Digital Transformation pillars 2020
 
Whats new in Enterprise 5.0 Product Suite
Whats new in Enterprise 5.0 Product SuiteWhats new in Enterprise 5.0 Product Suite
Whats new in Enterprise 5.0 Product Suite
 
Micro Focus Corporate Overview
Micro Focus Corporate OverviewMicro Focus Corporate Overview
Micro Focus Corporate Overview
 
Why attend the application modernization & connectivity track at Micro Focus ...
Why attend the application modernization & connectivity track at Micro Focus ...Why attend the application modernization & connectivity track at Micro Focus ...
Why attend the application modernization & connectivity track at Micro Focus ...
 
Micro Focus #DevDay50 - Atlanta
Micro Focus #DevDay50 - AtlantaMicro Focus #DevDay50 - Atlanta
Micro Focus #DevDay50 - Atlanta
 
Growth of Internet Data - 2017
Growth of Internet Data - 2017Growth of Internet Data - 2017
Growth of Internet Data - 2017
 
Easily Create Scalable Automation using Selenium
Easily Create Scalable Automation using SeleniumEasily Create Scalable Automation using Selenium
Easily Create Scalable Automation using Selenium
 
The Journey to Mainframe DevOps
The Journey to Mainframe DevOpsThe Journey to Mainframe DevOps
The Journey to Mainframe DevOps
 
Micro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus extend 10 and 10.1 with AcuToWebMicro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus extend 10 and 10.1 with AcuToWeb
 
The COBOL Story by Wim Ebbinkhuijsen
The COBOL Story by Wim EbbinkhuijsenThe COBOL Story by Wim Ebbinkhuijsen
The COBOL Story by Wim Ebbinkhuijsen
 
DevDay Copenhagen - Micro Focus overview and introduction
DevDay Copenhagen - Micro Focus overview and introductionDevDay Copenhagen - Micro Focus overview and introduction
DevDay Copenhagen - Micro Focus overview and introduction
 
The DevOps Journey
The DevOps JourneyThe DevOps Journey
The DevOps Journey
 
ACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and RoadmapACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and Roadmap
 
#DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation #DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation
 

Recently uploaded

Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
TIPNGVN2
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 

Recently uploaded (20)

Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 

#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense

  • 1. Security & Identity Analytics How Security and Identity Analytics can Drive Adaptive Defence Adam Evans | Senior Identity & Access Specialist | 24th February 2016
  • 2. Source: PwC 2016 Global State of Information Security Survey (Responses from 10,000 CxOs in 127 countries 30% from Europe. Error margin <1%) Hacking is Big Business… The average annual Monetary loss was $2.5m (£1.75m) per organisation
  • 3. Finding the weak links – a full-time job • Social media • Link clickers • Weak passwords
  • 5. “Enterprises are having a difficult time hiring skilled people as it takes 53% of organisations between 3 and 6 months to fill a position and 10% cannot fill them at all.” Source: ISACA’s global survey, “The State of Cybersecurity: Implications for 2015” Meanwhile, as the threat evolves…
  • 6. Provide the limited professionals we have with the best information for rapid decision making
  • 7. Analytics applies algorithms or machine learning to the “advisor feeds” for specific use cases
  • 8. At Micro Focus, we believe that Identity and Security Analytics holds the greatest hope of leveling the playing field with today’s dynamic threats
  • 10. “Identity Analytics and Intelligence (IAI) moves organisations toward a contextual, dynamic, risk-based approach to identity and access management.” Source: Gartner
  • 11. Risk-Based Authentication • Use risk scoring to drive step-up authentication • Static risk scoring can be assigned to the entitlement, user, or application • Add dynamic risk at request such as time of day, geo location, IP address, or device • Results can be shared back into the analytics engine as an advisor feed
  • 12. Bad Behavioral Analysis • Machine learning and anomaly detection based on identities • Give privileged users insight into unusual activity with their credentials • Identify unusual patterns of access, changes and data exfiltration • Detect use of privileged account “backdoors”
  • 13. Excessive Credential Detection • Identify orphaned or rogue accounts based on login or peer group analysis – revoke accounts and save on SaaS licenses • Compare employees being paid by HR, or contracts to orphaned or rogue accounts
  • 14. Adaptive Access Certifications • Request immediate access certification for high-risk transactions • Prioritise the highest risk entitlements for access certifications • Indicate dormant accounts or outlier access compared to peers • Reduce rubber-stamping and increase revocation rates
  • 15. Risk-Based ID & Access Provisioning • Risk-informed access request and approval • Policy improvement suggestions for roles or SOD controls
  • 16. Generally, identity analytics provides better decision- making information
  • 18. Abnormal Sensitive File Access • Unusual time of day for the user • From a risky IP address, geographic location or unknown machine • With credentials that haven’t been used in a while
  • 19. Abnormal Data Exfiltration • Large data sets • Data movement to USB drives or an unusual location
  • 20. Abnormal File Changes • File replacement outside of change windows • Changes made by an abnormal user
  • 21. Abnormal Password Resets • Brute force attempts at self-service password resets • Abnormal time, location or device for password resets
  • 22. Generally, security analytics is looking for abnormal activity
  • 24. The Micro Focus Approach An Integrated Identity, Access & Security Solution Access Management & Authentication Secure User Monitoring Identity Governance & Administration AnalyticsAnalytics
  • 25. Identity Governance & Administration Enforcing the Least-Privilege Principle IGA Access Request Help-Desk Integration Access Review Privileged Identity Management Delegated Administration Business Policy SOD & Roles Identity Management Minimise Rights
  • 26. Enforce Access Controls AMA Single Sign-On (Web, Cloud, Enterprise) BYOI BYOD Multi-Factor Authentication Federation Risk-Based Adaptive Authentication Access Management and Authentication A Secure Sign-on Experience
  • 27. Monitor User Activity SUMLog & Event Correlation SIEM File Integrity Monitoring Configuration Assessment Anomaly Detection Privileged Session Recording Secure User Monitoring Analytics - Identify Abnormal
  • 28. Benefits of an Analytics Approach… • Targeted information for more efficient and intelligent decision making • Reduced data sifting to more rapidly identify and eliminate threats • Reduced overall risk with existing personnel resources
  • 30. Thank You For Listening