Security & Identity Analytics
How Security and Identity Analytics can Drive Adaptive Defence
Adam Evans | Senior Identity & Access Specialist | 24th February 2016
Source: PwC 2016 Global State of Information Security Survey (responses from 10,000 CxOs in 127 countries, 30% from Europe; error margin <1%)
Hacking is Big Business…
The average annual monetary loss was $2.5m (£1.75m) per organisation
Finding the weak links – a full-time job
• Social media
• Link clickers
• Weak passwords
Adapting to Controls
“Enterprises are having a difficult time hiring skilled people as it takes 53% of organisations between 3 and 6 months to fill a position and 10% cannot fill them at all.”
Source: ISACA’s global survey, “The State of Cybersecurity: Implications for 2015”
Meanwhile, as the threat evolves…
Provide the limited professionals we have with the best information for rapid decision making
Analytics applies algorithms or machine learning to the “advisor feeds” for specific use cases
At Micro Focus, we believe that Identity and Security Analytics holds the greatest hope of leveling the playing field with today’s dynamic threats
Identity Analytics Use Cases
“Identity Analytics and Intelligence (IAI) moves organisations toward a contextual, dynamic, risk-based approach to identity and access management.”
Source: Gartner
Risk-Based Authentication
• Use risk scoring to drive step-up authentication
• Static risk scoring can be assigned to the entitlement, user, or application
• Add dynamic risk at request time, such as time of day, geolocation, IP address, or device
• Results can be shared back into the analytics engine as an advisor feed
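The scoring flow in these bullets, as an added example that is not part of the presentation or any Micro Focus product: static risk per user, application and entitlement is combined with dynamic request signals to choose between allow, step-up and deny, and the result is serialised as an advisor-feed record. All weights, thresholds, field names and sample data are assumptions constructed for illustration.

```python
import ipaddress
import json
from dataclasses import dataclass
from datetime import datetime

# Assumed static risk, assigned per user, application and entitlement.
STATIC_RISK = {
    "user": {"alice": 10},
    "application": {"wiki": 5, "payroll": 30},
    "entitlement": {"read": 0, "approve_payment": 25},
}
UNKNOWN_STATIC = 20          # assumed default for anything not yet rated
DYNAMIC_WEIGHTS = {          # assumed points added per request-time signal
    "unusual_hour": 15,
    "unusual_country": 25,
    "risky_ip": 30,
    "unknown_device": 20,
}
STEP_UP_AT, DENY_AT = 40, 90  # assumed bands: allow < 40 <= step-up < 90 <= deny


@dataclass
class Profile:
    """What the analytics engine already knows about a user (constructed)."""
    usual_hours: range
    usual_countries: frozenset
    known_devices: frozenset
    risky_networks: tuple = ()


@dataclass
class AccessRequest:
    user: str
    application: str
    entitlement: str
    when: datetime
    country: str
    ip: str
    device_id: str


def static_risk(req):
    """Sum the static scores of the user, application and entitlement."""
    return sum(STATIC_RISK[kind].get(getattr(req, kind), UNKNOWN_STATIC)
               for kind in STATIC_RISK)


def dynamic_signals(req, profile):
    """Return the names of the request-time signals that fired."""
    addr = ipaddress.ip_address(req.ip)
    checks = {
        "unusual_hour": req.when.hour not in profile.usual_hours,
        "unusual_country": req.country not in profile.usual_countries,
        "risky_ip": any(addr in ipaddress.ip_network(net)
                        for net in profile.risky_networks),
        "unknown_device": req.device_id not in profile.known_devices,
    }
    return [name for name, fired in checks.items() if fired]


def evaluate(req, profile):
    """Score one request and decide: allow, step_up (ask for MFA) or deny."""
    signals = dynamic_signals(req, profile)
    score = static_risk(req) + sum(DYNAMIC_WEIGHTS[s] for s in signals)
    if score >= DENY_AT:
        decision = "deny"
    elif score >= STEP_UP_AT:
        decision = "step_up"
    else:
        decision = "allow"
    return {"user": req.user, "application": req.application,
            "entitlement": req.entitlement, "time": req.when.isoformat(),
            "score": score, "signals": signals, "decision": decision}


def advisor_feed_line(result):
    """Serialise a decision so it can be fed back to the analytics engine."""
    return json.dumps(result, sort_keys=True)


# Constructed sample data; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
ALICE = Profile(range(8, 19), frozenset({"GB"}), frozenset({"laptop-17"}),
                ("203.0.113.0/24",))
REQUESTS = [
    AccessRequest("alice", "wiki", "read", datetime(2016, 2, 24, 10, 0),
                  "GB", "198.51.100.7", "laptop-17"),
    AccessRequest("alice", "payroll", "approve_payment",
                  datetime(2016, 2, 24, 10, 0), "GB", "198.51.100.7", "tablet-99"),
    AccessRequest("alice", "payroll", "approve_payment",
                  datetime(2016, 2, 24, 3, 0), "FR", "203.0.113.50", "tablet-99"),
]

if __name__ == "__main__":
    for request in REQUESTS:
        print(advisor_feed_line(evaluate(request, ALICE)))
```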
Bad Behavioral Analysis
• Machine learning and anomaly detection based on identities
• Give privileged users insight into unusual activity with their credentials
• Identify unusual patterns of access, changes and data exfiltration
• Detect use of privileged account “backdoors”
Excessive Credential Detection
• Identify orphaned or rogue accounts based on login or peer group analysis – revoke accounts and save on SaaS licenses
• Compare employees being paid by HR, or contracts, to orphaned or rogue accounts
Adaptive Access Certifications
• Request immediate access certification for high-risk transactions
• Prioritise the highest risk entitlements for access certifications
• Indicate dormant accounts or outlier access compared to peers
• Reduce rubber-stamping and increase revocation rates
Risk-Based ID & Access Provisioning
• Risk-informed access request and approval
• Policy improvement suggestions for roles or SOD controls
Generally, identity analytics provides better decision-making information
Security Analytics Use Cases
Abnormal Sensitive File Access
• Unusual time of day for the user
• From a risky IP address, geographic location or unknown machine
• With credentials that haven’t been used in a while
Abnormal Data Exfiltration
• Large data sets
• Data movement to USB drives or an unusual location
Abnormal File Changes
• File replacement outside of change windows
• Changes made by an abnormal user
Abnormal Password Resets
• Brute force attempts at self-service password resets
• Abnormal time, location or device for password resets
Generally, security analytics is looking for abnormal activity
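A detector for the file-access and exfiltration signals listed above, as an added example that is not part of the presentation: it learns a per-user baseline from history and flags an unusual hour, an unknown machine, credentials unused for a while, and an unusually large transfer. The log format, thresholds and log lines are assumptions constructed for illustration.

```python
import statistics
from datetime import datetime, timedelta

STALE_AFTER = timedelta(days=30)  # assumed: credentials idle longer are "stale"
SIGMA = 3                         # assumed: large = above mean + 3 std deviations

# Constructed log lines: timestamp user host path bytes
HISTORY = """\
2016-02-01T09:12:00 alice ws-014 /finance/q4.xlsx 120000
2016-02-02T10:03:00 alice ws-014 /finance/q4.xlsx 90000
2016-02-03T14:40:00 alice ws-014 /finance/budget.xlsx 150000
2016-02-04T11:25:00 alice ws-014 /finance/q4.xlsx 110000
2016-02-05T16:05:00 alice ws-014 /finance/budget.xlsx 130000
2015-10-12T09:30:00 svc_report ws-200 /finance/q3.xlsx 80000
2015-10-13T09:31:00 svc_report ws-200 /finance/q3.xlsx 82000
"""
NEW_EVENTS = """\
2016-02-08T10:15:00 alice ws-014 /finance/q4.xlsx 125000
2016-02-09T02:47:00 alice ws-377 /finance/payroll.db 48000000
2016-02-09T09:30:00 svc_report ws-200 /finance/q4.xlsx 81000
"""


def parse(line):
    """Split one log line into a typed event."""
    ts, user, host, path, size = line.split()
    return {"ts": datetime.fromisoformat(ts), "user": user, "host": host,
            "path": path, "bytes": int(size)}


def learn(baselines, ev):
    """Fold one event into the user's baseline."""
    b = baselines.setdefault(ev["user"], {"hours": [], "hosts": set(),
                                          "sizes": [], "last_seen": ev["ts"]})
    b["hours"].append(ev["ts"].hour)
    b["hosts"].add(ev["host"])
    b["sizes"].append(ev["bytes"])
    b["last_seen"] = max(b["last_seen"], ev["ts"])


def signals_for(baselines, ev):
    """Return the abnormal-activity signals this event raises."""
    b = baselines.get(ev["user"])
    if b is None:
        return ["no_baseline"]
    fired = []
    # Simple min..max window; it does not model shifts that wrap past midnight.
    if not min(b["hours"]) <= ev["ts"].hour <= max(b["hours"]):
        fired.append("unusual_hour")
    if ev["host"] not in b["hosts"]:
        fired.append("unknown_machine")
    if ev["ts"] - b["last_seen"] > STALE_AFTER:
        fired.append("stale_credentials")
    if len(b["sizes"]) >= 2:  # stdev needs at least two samples
        limit = statistics.mean(b["sizes"]) + SIGMA * statistics.stdev(b["sizes"])
        if ev["bytes"] > limit:
            fired.append("large_transfer")
    return fired


def analyse(history_text, new_text):
    """Learn from history, then return (user, time, signals) per flagged event."""
    baselines = {}
    for line in history_text.splitlines():
        if line.strip():
            learn(baselines, parse(line))
    findings = []
    for line in new_text.splitlines():
        if not line.strip():
            continue
        ev = parse(line)
        fired = signals_for(baselines, ev)
        if fired:
            findings.append((ev["user"], ev["ts"].isoformat(), fired))
        else:
            learn(baselines, ev)  # only clean events extend the baseline
    return findings


if __name__ == "__main__":
    for finding in analyse(HISTORY, NEW_EVENTS):
        print(finding)
```

Flagged events are deliberately kept out of the baseline so that a burst of abnormal activity cannot teach the detector to accept it.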
Identity-Powered Security
• Minimise Rights
• Enforce Access Controls
• Monitor User Activity
• Analytics
The Micro Focus Approach
An Integrated Identity, Access & Security Solution
• Access Management & Authentication
• Secure User Monitoring
• Identity Governance & Administration
• Analytics
Identity Governance & Administration
Enforcing the Least-Privilege Principle
Minimise Rights
IGA:
• Access Request
• Help-Desk Integration
• Access Review
• Privileged Identity Management
• Delegated Administration
• Business Policy, SOD & Roles
• Identity Management
Access Management and Authentication
A Secure Sign-on Experience
Enforce Access Controls
AMA:
• Single Sign-On (Web, Cloud, Enterprise)
• BYOI
• BYOD
• Multi-Factor Authentication
• Federation
• Risk-Based Adaptive Authentication
Secure User Monitoring
Analytics - Identify Abnormal
Monitor User Activity
SUM:
• Log & Event Correlation
• SIEM
• File Integrity Monitoring
• Configuration Assessment
• Anomaly Detection
• Privileged Session Recording
Benefits of an Analytics Approach…
• Targeted information for more efficient and intelligent decision making
• Reduced data sifting to more rapidly identify and eliminate threats
• Reduced overall risk with existing personnel resources
Questions?
Thank You For Listening

More Related Content

What's hot

What is zero trust model of information security?
What is zero trust model of information security?What is zero trust model of information security?
What is zero trust model of information security?
Ahmed Banafa
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
Nandita Nityanandam
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
Ernest Staats
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
Ahmed Banafa
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
Cam Fulton
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL
Rick Kingsley
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight:Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight:Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
Wolfgang Kandek
 
McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)
Trustmarque
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
North Texas Chapter of the ISSA
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
NetIQ
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
Omar Khawaja
 

What's hot (20)

What is zero trust model of information security?
What is zero trust model of information security?What is zero trust model of information security?
What is zero trust model of information security?
 
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case StudyVulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight:Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight:Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
 
McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)McAfee Total Protection for Data Loss Prevention (DLP)
McAfee Total Protection for Data Loss Prevention (DLP)
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
 
Cloud security
Cloud securityCloud security
Cloud security
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
 

Viewers also liked

Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of EconomicsEnergy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
British Embassy Paris
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Blue Coat
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
MapR Technologies
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
Coastal Pet Products, Inc.
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
Nicolas Morales
 
Adaptive Enterprise Security Architecture
Adaptive Enterprise Security ArchitectureAdaptive Enterprise Security Architecture
Adaptive Enterprise Security Architecture
SABSAcourses
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
Aruba, a Hewlett Packard Enterprise company
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
DataWorks Summit/Hadoop Summit
 
Streamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWSStreamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWS
Amazon Web Services
 

Viewers also liked (10)

Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of EconomicsEnergy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
Energy Storage - 3: Dr Jochen Seier, Federal Ministry of Economics
 
Big Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat ProtectionBig Data Security Intelligence and Analytics for Advanced Threat Protection
Big Data Security Intelligence and Analytics for Advanced Threat Protection
 
Security Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to KnowSecurity Analytics and Big Data: What You Need to Know
Security Analytics and Big Data: What You Need to Know
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
 
Adaptive Enterprise Security Architecture
Adaptive Enterprise Security ArchitectureAdaptive Enterprise Security Architecture
Adaptive Enterprise Security Architecture
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 
Streamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWSStreamline Identity Management & Administration on AWS
Streamline Identity Management & Administration on AWS
 

Similar to #MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense

Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Fasoo
 
Cybersecurity in Shared Services Organizations
Cybersecurity in Shared Services OrganizationsCybersecurity in Shared Services Organizations
Cybersecurity in Shared Services Organizations
ScottMadden, Inc.
 
Microsoft Avanced Threat Analytics
Microsoft Avanced Threat AnalyticsMicrosoft Avanced Threat Analytics
Microsoft Avanced Threat Analytics
Adeo Security
 
Too much data and not enough analytics!
Too much data and not enough analytics!Too much data and not enough analytics!
Too much data and not enough analytics!
Emma Kelly
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing Vulnerability
AIS Network
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
ForgeRock
 
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
TI Safe
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
Resilient Systems
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
OnRamp
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Storage Switzerland
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
North Texas Chapter of the ISSA
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
Ernest Staats
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
Splunk
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
TheWalkerGroup1
 
Is Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson HelferIs Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson Helfer
MAX Technical Training
 
Logs in Security and Compliance flare
Logs in Security and Compliance flareLogs in Security and Compliance flare
Logs in Security and Compliance flare
zilberberg
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
JustinBrown267905
 
DataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the DayDataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the Day
Interset
 
Data exfiltration so many threats 2016
Data exfiltration so many threats 2016Data exfiltration so many threats 2016
Data exfiltration so many threats 2016
FitCEO, Inc. (FCI)
 

Similar to #MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense (20)

Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Aga...
 
Cybersecurity in Shared Services Organizations
Cybersecurity in Shared Services OrganizationsCybersecurity in Shared Services Organizations
Cybersecurity in Shared Services Organizations
 
Microsoft Avanced Threat Analytics
Microsoft Avanced Threat AnalyticsMicrosoft Avanced Threat Analytics
Microsoft Avanced Threat Analytics
 
Too much data and not enough analytics!
Too much data and not enough analytics!Too much data and not enough analytics!
Too much data and not enough analytics!
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing Vulnerability
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
 
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
CLASS 2018 - Palestra de Denis Prado (Security Intelligence Sales Leader Lati...
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
 
Privacies are coming
Privacies are comingPrivacies are coming
Privacies are coming
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
 
Is Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson HelferIs Your Company's Data Secure? Shelley Vinson Helfer
Is Your Company's Data Secure? Shelley Vinson Helfer
 
Logs in Security and Compliance flare
Logs in Security and Compliance flareLogs in Security and Compliance flare
Logs in Security and Compliance flare
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
DataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the DayDataWorks 2018: How Big Data and AI Saved the Day
DataWorks 2018: How Big Data and AI Saved the Day
 
Data exfiltration so many threats 2016
Data exfiltration so many threats 2016Data exfiltration so many threats 2016
Data exfiltration so many threats 2016
 

More from Micro Focus

North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum
Micro Focus
 
Tech Channel COBOL ebook
Tech Channel COBOL ebookTech Channel COBOL ebook
Tech Channel COBOL ebook
Micro Focus
 
Unlocking COBOL Business Value
Unlocking COBOL Business ValueUnlocking COBOL Business Value
Unlocking COBOL Business Value
Micro Focus
 
Quietly confident, enduringly competent - COBOL.
Quietly confident, enduringly competent - COBOL. Quietly confident, enduringly competent - COBOL.
Quietly confident, enduringly competent - COBOL.
Micro Focus
 
5 key capabilitie for a smart service desk solution infographic
5 key capabilitie for a smart service desk solution infographic5 key capabilitie for a smart service desk solution infographic
5 key capabilitie for a smart service desk solution infographic
Micro Focus
 
SAP Fortify by Micro Focus.
SAP Fortify by Micro Focus. SAP Fortify by Micro Focus.
SAP Fortify by Micro Focus.
Micro Focus
 
Digital Transformation pillars 2020
Digital Transformation pillars 2020Digital Transformation pillars 2020
Digital Transformation pillars 2020
Micro Focus
 
Whats new in Enterprise 5.0 Product Suite
Whats new in Enterprise 5.0 Product SuiteWhats new in Enterprise 5.0 Product Suite
Whats new in Enterprise 5.0 Product Suite
Micro Focus
 
Micro Focus Corporate Overview
Micro Focus Corporate OverviewMicro Focus Corporate Overview
Micro Focus Corporate Overview
Micro Focus
 
Why attend the application modernization & connectivity track at Micro Focus ...
Why attend the application modernization & connectivity track at Micro Focus ...Why attend the application modernization & connectivity track at Micro Focus ...
Why attend the application modernization & connectivity track at Micro Focus ...
Micro Focus
 
Micro Focus #DevDay50 - Atlanta
Micro Focus #DevDay50 - AtlantaMicro Focus #DevDay50 - Atlanta
Micro Focus #DevDay50 - Atlanta
Micro Focus
 
Growth of Internet Data - 2017
Growth of Internet Data - 2017Growth of Internet Data - 2017
Growth of Internet Data - 2017
Micro Focus
 
Easily Create Scalable Automation using Selenium
Easily Create Scalable Automation using SeleniumEasily Create Scalable Automation using Selenium
Easily Create Scalable Automation using Selenium
Micro Focus
 
The Journey to Mainframe DevOps
The Journey to Mainframe DevOpsThe Journey to Mainframe DevOps
The Journey to Mainframe DevOps
Micro Focus
 
Micro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus extend 10 and 10.1 with AcuToWebMicro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus extend 10 and 10.1 with AcuToWeb
Micro Focus
 
The COBOL Story by Wim Ebbinkhuijsen
The COBOL Story by Wim EbbinkhuijsenThe COBOL Story by Wim Ebbinkhuijsen
The COBOL Story by Wim Ebbinkhuijsen
Micro Focus
 
DevDay Copenhagen - Micro Focus overview and introduction
DevDay Copenhagen - Micro Focus overview and introductionDevDay Copenhagen - Micro Focus overview and introduction
DevDay Copenhagen - Micro Focus overview and introduction
Micro Focus
 
The DevOps Journey
The DevOps JourneyThe DevOps Journey
The DevOps Journey
Micro Focus
 
ACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and RoadmapACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and Roadmap
Micro Focus
 
#DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation #DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation
Micro Focus
 

More from Micro Focus (20)

North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum North America Strategic Modernization Exec Forum
North America Strategic Modernization Exec Forum
 
Tech Channel COBOL ebook
Tech Channel COBOL ebookTech Channel COBOL ebook
Tech Channel COBOL ebook
 
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense

  • 1. Security & Identity Analytics How Security and Identity Analytics can Drive Adaptive Defence Adam Evans | Senior Identity & Access Specialist | 24th February 2016
  • 2. Source: PwC 2016 Global State of Information Security Survey (Responses from 10,000 CxOs in 127 countries 30% from Europe. Error margin <1%) Hacking is Big Business… The average annual Monetary loss was $2.5m (£1.75m) per organisation
  • 3. Finding the weak links – a full-time job • Social media • Link clickers • Weak passwords
  • 5. “Enterprises are having a difficult time hiring skilled people as it takes 53% of organisations between 3 and 6 months to fill a position and 10% cannot fill them at all.” Source: ISACA’s global survey, “The State of Cybersecurity: Implications for 2015” Meanwhile, as the threat evolves…
  • 6. Provide the limited professionals we have with the best information for rapid decision making
  • 7. Analytics applies algorithms or machine learning to the “advisor feeds” for specific use cases
  • 8. At Micro Focus, we believe that Identity and Security Analytics holds the greatest hope of leveling the playing field with today’s dynamic threats
  • 10. “Identity Analytics and Intelligence (IAI) moves organisations toward a contextual, dynamic, risk-based approach to identity and access management.” Source: Gartner
  • 11. Risk-Based Authentication • Use risk scoring to drive step-up authentication • Static risk scoring can be assigned to the entitlement, user, or application • Add dynamic risk at request such as time of day, geo location, IP address, or device • Results can be shared back into the analytics engine as an advisor feed
  • 12. Bad Behavioral Analysis • Machine learning and anomaly detection based on identities • Give privileged users insight into unusual activity with their credentials • Identify unusual patterns of access, changes and data exfiltration • Detect use of privileged account “backdoors”
  • 13. Excessive Credential Detection • Identify orphaned or rogue accounts based on login or peer group analysis – revoke accounts and save on SaaS licenses • Compare employees being paid by HR, or contracts to orphaned or rogue accounts
  • 14. Adaptive Access Certifications • Request immediate access certification for high-risk transactions • Prioritise the highest risk entitlements for access certifications • Indicate dormant accounts or outlier access compared to peers • Reduce rubber-stamping and increase revocation rates
  • 15. Risk-Based ID & Access Provisioning • Risk-informed access request and approval • Policy improvement suggestions for roles or SOD controls
  • 16. Generally, identity analytics provides better decision-making information
  • 18. Abnormal Sensitive File Access • Unusual time of day for the user • From a risky IP address, geographic location or unknown machine • With credentials that haven’t been used in a while
  • 19. Abnormal Data Exfiltration • Large data sets • Data movement to USB drives or an unusual location
  • 20. Abnormal File Changes • File replacement outside of change windows • Changes made by an abnormal user
  • 21. Abnormal Password Resets • Brute force attempts at self-service password resets • Abnormal time, location or device for password resets
  • 22. Generally, security analytics is looking for abnormal activity
  • 24. The Micro Focus Approach: An Integrated Identity, Access & Security Solution • Access Management & Authentication • Secure User Monitoring • Identity Governance & Administration • Analytics
  • 25. Identity Governance & Administration (IGA): Enforcing the Least-Privilege Principle (Minimise Rights) • Access Request • Help-Desk Integration • Access Review • Privileged Identity Management • Delegated Administration • Business Policy • SOD & Roles • Identity Management
  • 26. Access Management and Authentication (AMA): A Secure Sign-on Experience (Enforce Access Controls) • Single Sign-On (Web, Cloud, Enterprise) • BYOI • BYOD • Multi-Factor Authentication • Federation • Risk-Based Adaptive Authentication
  • 27. Secure User Monitoring (SUM): Analytics - Identify Abnormal (Monitor User Activity) • Log & Event Correlation • SIEM • File Integrity Monitoring • Configuration Assessment • Anomaly Detection • Privileged Session Recording
  • 28. Benefits of an Analytics Approach… • Targeted information for more efficient and intelligent decision making • Reduced data sifting to more rapidly identify and eliminate threats • Reduced overall risk with existing personnel resources
  • 30. Thank You For Listening
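
The risk-based authentication flow from slide 11, as an added Python example (not code from the presentation or from any Micro Focus product): static risk per user, application and entitlement is combined with request-time signals to choose allow, step-up or deny, and the returned record stands in for the advisor-feed entry. All scores, thresholds, names, addresses and the record layout are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network

# All scores, thresholds and names below are constructed for illustration.
STATIC_RISK = {  # static risk assigned per user, application and entitlement
    "user": {"alice": 10},
    "application": {"wiki": 5, "payroll": 35},
    "entitlement": {"read": 0, "approve-payment": 30},
}
UNKNOWN_STATIC = 50            # unscored subjects are treated as risky, not free
TRUSTED_NETS = [ip_network("10.0.0.0/8")]
STEP_UP_AT, DENY_AT = 50, 90   # score thresholds for MFA challenge / refusal

@dataclass
class Request:
    user: str
    application: str
    entitlement: str
    when: datetime
    source_ip: str
    country: str
    device: str

@dataclass
class Profile:                 # per-user baseline (assumed to come from analytics)
    hours: range
    countries: frozenset
    devices: frozenset

def dynamic_signals(req, prof):
    """Points for each request-time attribute that deviates from the baseline."""
    ip_ok = any(ip_address(req.source_ip) in net for net in TRUSTED_NETS)
    checks = {
        "time_of_day": (req.when.hour in prof.hours, 15),
        "geo_location": (req.country in prof.countries, 25),
        "ip_address": (ip_ok, 15),
        "device": (req.device in prof.devices, 20),
    }
    return {name: pts for name, (ok, pts) in checks.items() if not ok}

def decide(req, prof):
    """Combine static and dynamic risk; return the advisor-feed record."""
    static = sum(table.get(getattr(req, kind), UNKNOWN_STATIC)
                 for kind, table in STATIC_RISK.items())
    signals = dynamic_signals(req, prof)
    score = min(100, static + sum(signals.values()))
    action = ("deny" if score >= DENY_AT
              else "step_up" if score >= STEP_UP_AT else "allow")
    return {"user": req.user, "application": req.application, "score": score,
            "action": action, "signals": sorted(signals),
            "time": req.when.isoformat()}

# Constructed sample baseline and requests.
ALICE = Profile(range(8, 18), frozenset({"GB"}), frozenset({"laptop-1"}))
NOON, NIGHT = datetime(2016, 2, 24, 12, 0), datetime(2016, 2, 24, 3, 0)
ROUTINE = Request("alice", "wiki", "read", NOON, "10.1.2.3", "GB", "laptop-1")
NEW_DEVICE = Request("alice", "payroll", "read", NOON, "10.1.2.3", "GB", "tablet-9")
NIGHT_PAY = Request("alice", "payroll", "approve-payment", NIGHT,
                    "203.0.113.7", "GB", "laptop-1")
```

A subject with no static score falls back to `UNKNOWN_STATIC`, so an account the scoring tables have never seen is challenged even when every request-time signal looks normal.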