The document discusses the importance of a full stack cyber security approach from an information security professional's perspective. It recommends scanning both external and internal networks as the first and second lines of defense, similar to an airbag and seatbelt in a car. The document also provides an overview of a product demo for a network security workflow automation tool that allows for discovery scanning, dynamic asset management, risk prioritization, and flexible reporting.

1. A Day in the Life of an Information
Security Professional
Eren Cihangir
August 2019

2. 2
Why a Full Stack Cyber Security Approach?
• A hacker takes a holistic view when trying to
attack your organization
• You need to think about your risk profile
holistically
• With digital transformation the threat
landscape has become more complex and
less homogenous making it harder for your
organization to spot vulnerabilities easily
Full Stack Cyber Security
Network
Applications
Data
User
Devices
Business Value

3. 3
Security – Step by Step
Your company is being targeted Outpost24 OUTSCAN
As a first line of defense protect your internet facing
(external) assets.
Like checking that all windows of a house are closed
by walking around the house.
Protecting your company from the OUTSIDE IN
approach will protect you from external attacks. But
what about the attacks from the inside (malware,
hacker gaining access to the internal network)?
Outpost24 HIAB provides a comprehensive view of
your attack surface and assesses the weak point for
the internal networks of your organization.

4. 4
• Human error is still one of the biggest risks
in information security.
• BYOD policies (Bring Your Own Device) is
adding to this risk substantially.
• Your internal network is likely interwoven
with supplier networks, leaving you
potentially vulnerable.
• Lack of security scanning makes it easier for
an attacker to move within your network
and stay for a long time by establishing
RATs.
Internal Networks Are At Risk

5. 5
• Internal and external scanning are like an Airbag
and seat belt in car security: both are designed to
protect the passenger in case of a crash. However
they address different risks and complement each
other to maximize security.
• Scanning your external facing IPs should be
considered your first line of defense
• The scanning of an internal network should be
the second line of defense
• Ensuring attacks are identified even though the
external scans might not have noticed them
• Ensuring that you notice if a part of your internal
network is compromised and you can act swiftly to
minimize the impact
Second Line of Defense

6. Key outcomes: Product Demo
• Guidance to improve network
security workflow
• Including automation to enhance day
to day vulnerabilities checking
• Best practices to build stronger
working relationships
• Implementing best practices and
reporting
6

7. Main features
• Discovery scanning to ensure new IPs are checked
• Dynamic asset management to segment targets into groups
• CVSS scoring to prioritize risk rating
• Scanning-less scanning to identify new risks
• Solution-based reporting to filter results against business goals
• Flexible and configurable through open API
7

8. Product Demo 8

9. Security Assessment Workflow 9
Identify what you own
Assess where it is weak
Focused risk reduction

10. About us

11. Scanning and monitoring your network 24x7, provides you with the
complete view of the attack surface and threat landscape.
Uncovering real risks, vulnerabilities, and providing actionable
insights to better inform your strategic decisions.
Our solution is your one-stop source of vulnerability management
that continuously checks for vulnerabilities to ensure you never miss
anything and can act on real vulnerabilities and keep your business
moving.
11

12. Eren Cihangir
Sales Engineer
eci@outspot24.com
+1 630 401 5154
Q & A