Situational Awareness
raffael marty - pixlcloud
december 2011

Is this useful for Situational Awareness?




pixlcloud |   creating big data stories                 copyright (c) 2011
Overview
  ‣ Network Security
  ‣ Sit Awareness
  ‣ Today
  ‣ Where we should be
  ‣ Challenges
  ‣ Resources
Raffael Marty
  • SaaS business expert
  • Data visualization practitioner
  • Security data analyst
  pixlcloud | IBM Research

  Applied Security Visualization
  Publisher: Addison Wesley (August, 2008)
  ISBN: 0321510100
Cyber Security
  Network Security (Reactive)
    Data Collection
    Forensics / IR
    Reporting
    Alerting
    Situational Awareness
  Neglected!!!
  Information Security (Pro-Active)
    Authentication
    Authorization
    Accounting
    BCM / DR
    OS Security
    Policies and Procedures
    ...
Situational Awareness
  “Situational Awareness is the ability to identify, process, and comprehend the critical elements of information about what is happening to the team with regards to the mission. More simply, it’s knowing what is going on around you.”

  ‣ find air force viz images

  [image: IWViz - IDS Situational Awareness]
Sit Awareness Is Visualization
  ‣ Visualization - because machine-centered approaches have failed
  ‣ Leverage human cognitive capabilities
     ‣ Pattern recognition
     ‣ Pre-attentive processing
     ‣ Context memory




Today

Data Sources for Sit Awareness
  ‣ Flow records
  ‣ Firewalls
  ‣ IDS/IPSs
  [figure: the same three node labels, 1.1.1.1, 10.0.0.2 and 9.4.242.10, shown next to each of the three sources]

  ‣ What about: PCAP, DNS, BGP, OS, Proxies, User behavior ??
  ‣ Context information - Hosts, Users, ...
Today's Visualization Tools
  ‣ Based on specific data source
  ‣ Hard to use
  ‣ Limited interactivity
  ‣ Not real-time
  ‣ Slow
  ‣ Ugly

  ‣ Gephi
  ‣ R
  ‣ Matlab
  ‣ Mondrian
  ‣ PicViz
  ‣ Treemap 4.1
  ‣ Google Earth
Take the Blinders Off!




Visualization Maturity
  ‣ Data Collection
  ‣ Data Analysis
  ‣ Context Integration
  ‣ Visualization
  ‣ Visual Analytics
  ‣ Collaboration
  ‣ Dissemination

  [diagram: Data Sources (files, database) -> (Data Store) -> parsing -> Structured Data -> filtering, aggregation, cleansing -> feature selection -> Visual Representation -> visualization, with Contextual Data as an additional input and an "iterations" loop back]
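The pipeline sketched on the Visualization Maturity slide (parsing, context integration, filtering and aggregation before anything is drawn), run over the three sources named on the Data Sources slide, as an added worked example in Python. This is not code from the deck or from pixlcloud. The log line formats, the regexes, the host addresses and the host-context table are all constructed for the example; the one line in no known format is there to show the "parsing is hard" case being reported rather than silently dropped.

```python
# Added example (not from the slides): a minimal instance of the maturity
# pipeline, raw lines -> parsing -> structured records -> context integration
# -> filtering / aggregation -> a structure a link-graph visualization could draw.
# Everything below (formats, hosts, context table) is constructed for the example.
import re
from collections import Counter, defaultdict

# Constructed sample lines: a NetFlow-style record, an iptables-style firewall
# log and a Snort-style IDS alert. They name the same hosts so the three views
# can be merged into one picture.
RAW_LINES = [
    "flow: 1.1.1.1:51234 -> 10.0.0.2:22 proto=tcp bytes=4821",
    "flow: 1.1.1.1:51235 -> 9.4.242.10:443 proto=tcp bytes=117000",
    "fw: DROP IN=eth0 SRC=1.1.1.1 DST=10.0.0.2 PROTO=TCP DPT=3389",
    "fw: ACCEPT IN=eth0 SRC=9.4.242.10 DST=10.0.0.2 PROTO=TCP DPT=22",
    "ids: [1:2000:3] SSH brute force [Priority: 2] 1.1.1.1 -> 10.0.0.2",
    "this line is not in any known format",
]

# Context integration: the slide lists hosts and users as context; here a
# constructed asset table maps an address to a role and a criticality flag.
HOST_CONTEXT = {
    "10.0.0.2": {"role": "bastion", "critical": True},
    "9.4.242.10": {"role": "web", "critical": False},
}

# One regex per semi-structured source (constructed formats).
FLOW_RE = re.compile(r"^flow: (\S+):\d+ -> (\S+):(\d+) proto=(\w+) bytes=(\d+)$")
FW_RE = re.compile(r"^fw: (DROP|ACCEPT) .*SRC=(\S+) DST=(\S+) PROTO=(\w+) DPT=(\d+)")
IDS_RE = re.compile(r"^ids: \[[\d:]+\] (.+?) \[Priority: (\d)\] (\S+) -> (\S+)$")


def parse_line(line):
    """Parse one raw line into a common record, or None if no format matches."""
    m = FLOW_RE.match(line)
    if m:
        src, dst, dport, proto, nbytes = m.groups()
        return {"source": "flow", "src": src, "dst": dst, "dport": int(dport),
                "proto": proto.lower(), "bytes": int(nbytes), "action": None, "sig": None}
    m = FW_RE.match(line)
    if m:
        action, src, dst, proto, dport = m.groups()
        return {"source": "fw", "src": src, "dst": dst, "dport": int(dport),
                "proto": proto.lower(), "bytes": 0, "action": action, "sig": None}
    m = IDS_RE.match(line)
    if m:
        sig, prio, src, dst = m.groups()
        return {"source": "ids", "src": src, "dst": dst, "dport": None, "proto": None,
                "bytes": 0, "action": None, "sig": sig, "priority": int(prio)}
    return None


def parse_all(lines):
    """Return (records, unparsed): unparsed lines stay visible to the analyst."""
    records, unparsed = [], []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)
        else:
            records.append(rec)
    return records, unparsed


def enrich(records, context=HOST_CONTEXT):
    """Context integration: attach role and criticality of the destination host."""
    for rec in records:
        ctx = context.get(rec["dst"], {"role": "unknown", "critical": False})
        rec["dst_role"] = ctx["role"]
        rec["dst_critical"] = ctx["critical"]
    return records


def aggregate_edges(records):
    """Aggregation: collapse records into (src, dst) edges with per-source counts,
    total bytes and a flag set by any IDS alert or firewall drop on that edge."""
    edges = defaultdict(lambda: {"count": Counter(), "bytes": 0, "flagged": False})
    for rec in records:
        e = edges[(rec["src"], rec["dst"])]
        e["count"][rec["source"]] += 1
        e["bytes"] += rec["bytes"]
        if rec["source"] == "ids" or rec["action"] == "DROP":
            e["flagged"] = True
    return dict(edges)


def filter_edges(edges, critical_only=False, flagged_only=False, context=HOST_CONTEXT):
    """Filtering: narrow the overview to edges touching critical hosts or flagged edges."""
    out = {}
    for (src, dst), e in edges.items():
        if flagged_only and not e["flagged"]:
            continue
        if critical_only and not context.get(dst, {}).get("critical", False):
            continue
        out[(src, dst)] = e
    return out


if __name__ == "__main__":
    recs, bad = parse_all(RAW_LINES)
    enrich(recs)
    edges = aggregate_edges(recs)
    for (src, dst), e in sorted(edges.items()):
        print(f"{src} -> {dst}: {dict(e['count'])} bytes={e['bytes']} flagged={e['flagged']}")
    print("unparsed:", bad)
```

Each stage returns plain data rather than drawing anything, which is the point of decoupling the data from the tool: the aggregated edges can be handed to any of the tools listed on the previous slides, and the unparsed list gives a direct measure of how much of the data is not yet understood.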
Security Visualization Dichotomy
  Security
    ‣ security data
    ‣ networking protocols
    ‣ routing protocols (the Internet)
    ‣ security impact
    ‣ security policy
    ‣ jargon
    ‣ use-cases
    ‣ are the end-users
  Visualization
    ‣ types of data
    ‣ perception
    ‣ optics
    ‣ color theory
    ‣ depth cue theory
    ‣ interaction theory
    ‣ types of graphs
    ‣ human computer interaction
Landscape Changes
  Threat Landscape
    • from disruptive to disastrous
    • from audacious to “low and slow”
    • from fame to financial gain
    • from manual to automated
    • from indiscriminate to targeted
    • from infrastructure to applications
  Technology
    • Big Data
    • NoSQL
    • Column-based data stores
    • Map Reduce (hadoop)
    • Cloud
    • on demand computing

  We have technology to attack the threats!
  BUT we don’t know what to do with it!
The Public Sector
   ‣ Currently using a lot of Excel

   ‣ Big data technologies (e.g., Datameer, Karmasphere, Cloudera)

   ‣ Incremental improvements to SIEM tools (e.g., ArcSight, etc.)

   ‣ Using non-security / non-network tools (e.g., Advizor, Cognos)



   ‣ Working with blacklists and whitelists

   ‣ Not understanding the data intrinsically



The Government
  Everything is different from Industry
  ‣ Scale - e.g., DISA has 5 million live hosts
  ‣ Data sources - e.g., ASIM CIDS
  ‣ Types of attacks - I have no example ....
  ‣ Adversaries - e.g., Nation states
We Need

What we Need
   ‣ Leverage advanced technologies (big data, etc.)

   ‣ Build for the actual users, not programmers!

   ‣ End to end tools, not yet another library

   ‣ Interactive, not static!

   ‣ Multiple data sources at once

   ‣ Leverage context, not just event data

   ‣ Decouple data from the tools

   ‣ Crowd intelligence

Make it This Simple!




Challenges

Maturity Challenge




              Companies and products are stuck on the left hand side!
Data Challenges
  ‣ No data - no insights - no sit awareness
  ‣ We don’t even have / collect the data
  ‣ It is too hard to collect data
  ‣ We don’t understand our data!
  ‣ Data silos
  ‣ Large amounts of semi-structured data
     ‣ Parsing data is extremely hard



Tool Challenges
  ‣ Same old - all over
     ‣ Does your SIEM support visual analytics?
  ‣ Missing: Brushing, Interactivity
  ‣ Help the user understand the data!
  ‣ Highly scalable visualization systems are hard to build!
  ‣ What algorithms are useful? (e.g., clustering)
  ‣ Visualization expertise is missing
  ‣ Visualization AND security is an interdisciplinary problem

  [sidebar: Overview first / Zoom and Filter / Details on demand]
Visualization Challenges
   ‣ Skilled people are missing

   ‣ What are we even trying to look for?

   ‣ Anomaly detection is not working

   ‣ Academia is disconnected
      ‣ Use-cases and problems
      ‣ State of the art in industry

   ‣ Visualization is always an afterthought


Myths
  ‣ Real-time
     ‣ Do we really need real-time?
  ‣ Hadoop
     ‣ Not everything that is big data needs to use Hadoop!
     ‣ Know your technologies!
  ‣ Cloud
     ‣ Will we ever put security relevant data into the cloud?




Resources
  ‣ SecViz: http://secviz.org and @secviz

  ‣ CERT - NetSA: http://www.cert.org/netsa/
     ‣ Mainly a collection of papers and links to some tools (SiLK)

  ‣ VizSec Conference: http://www.vizsec.org

  ‣ Applied Security Visualization
    R. Marty, 2008






pixlcloud - creating big data stories

@raffaelmarty
             copyright (c) by r. marty - december 2011

The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
Raffael Marty
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for Security
Raffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty
 
DAVIX - Data Analysis and Visualization Linux
DAVIX - Data Analysis and Visualization LinuxDAVIX - Data Analysis and Visualization Linux
DAVIX - Data Analysis and Visualization Linux
Raffael Marty
 

More from Raffael Marty (20)

Exploring the Defender's Advantage
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's Advantage
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
 
How To Drive Value with Security Data
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security Data
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
 
Understanding the "Intelligence" in AI
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AI
 
Security Chat 5.0
Security Chat 5.0Security Chat 5.0
Security Chat 5.0
 
AI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
 
AI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are Dangerous
 
Delivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and Visualization
 
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
 
Security Insights at Scale
Security Insights at ScaleSecurity Insights at Scale
Security Insights at Scale
 
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
 
Visualization in the Age of Big Data
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
 
Big Data Visualization
Big Data VisualizationBig Data Visualization
Big Data Visualization
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 
Workshop: Big Data Visualization for Security
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for Security
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
 
DAVIX - Data Analysis and Visualization Linux
DAVIX - Data Analysis and Visualization LinuxDAVIX - Data Analysis and Visualization Linux
DAVIX - Data Analysis and Visualization Linux
 

Recently uploaded

RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 

Recently uploaded (20)

RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 

Security - Situational awareness

  • 1. Situational Awareness
    raffael marty - pixlcloud
    december 2011
  • 2. Is this useful for Situational Awareness?
    pixlcloud | creating big data stories   copyright (c) 2011
  • 3. Overview
    Network Security | Sit Awareness | Today
    Where we should be | Challenges | Resources
  • 4. Raffael Marty
    ‣ SaaS business expert (pixlcloud)
    ‣ Data visualization practitioner
    ‣ Security data analyst (IBM Research)
    Applied Security Visualization, Publisher: Addison Wesley (August, 2008), ISBN: 0321510100
  • 5. Cyber Security
    Network Security (Reactive): Data Collection, Forensics / IR, Reporting, Alerting, Situational Awareness
    Neglected!!!
    Information Security (Pro-Active): Authentication, Authorization, Accounting, BCM / DR, OS Security, Policies and Procedures, ...
  • 6. Situational Awareness
    “Situational Awareness is the ability to identify, process, and comprehend the critical elements of information about what is happening to the team with regards to the mission. More simply, it’s knowing what is going on around you.”
    ‣ find air force viz images
    IWViz - IDS Situational Awareness
  • 7. Sit Awareness Is Visualization
    ‣ Visualization - because machine centered approaches have failed
    ‣ Leverage human cognitive capabilities
      ‣ Pattern recognition
      ‣ Pre-attentive processing
      ‣ Context memory
  • 8. Today
  • 9. Data Sources for Sit Awareness
    ‣ Flow records
    ‣ Firewalls
    ‣ IDS/IPSs
    ‣ What about: PCAP, DNS, BGP, OS, Proxies, User behavior??
    ‣ Context information - Hosts, Users, ...
  • 10. Today's Visualization Tools
    ‣ Based on specific data source
    ‣ Hard to use
    ‣ Limited interactivity
    ‣ Not real-time
    ‣ Slow
    ‣ Ugly
    Examples: Gephi, PicViz, R, Treemap 4.1, Matlab, Google Earth, Mondrian
  • 11. Take the Blinders Off!
  • 12. Visualization Maturity
    ‣ Data Collection
    ‣ Data Analysis
    ‣ Context Integration
    ‣ Visualization
    ‣ Visual Analytics
    ‣ Collaboration
    ‣ Dissemination
    Pipeline diagram: Data Sources (files, database) → parsing → Structured Data (Data Store) → filtering, aggregation, cleansing, feature selection → visualization → Visual Representation; Contextual Data feeds in, and the process runs in iterations.
  • 13. Security Visualization Dichotomy
    Security: ‣ security data ‣ networking protocols ‣ routing protocols (the Internet) ‣ security impact ‣ security policy ‣ jargon ‣ use-cases ‣ are the end-users
    Visualization: ‣ types of data ‣ perception ‣ optics ‣ color theory ‣ depth cue theory ‣ interaction theory ‣ types of graphs ‣ human computer interaction
  • 14. Landscape Changes
    Threat Landscape: • from disruptive to disastrous • from audacious to “low and slow” • from fame to financial gain • from manual to automated • from indiscriminate to targeted • from infrastructure to applications
    Technology: • Big Data • NoSQL • Column-based data stores • Map Reduce (hadoop) • Cloud • on demand computing
    We have technology to attack the threats! BUT we don’t know what to do with it!
  • 15. The Public Sector
    ‣ Currently using a lot of Excel
    ‣ Big data technologies (e.g., Datameer, Karmasphere, Cloudera)
    ‣ Incremental improvements to SIEM tools (e.g., ArcSight, etc.)
    ‣ Using non security / network tools (e.g., Advizor, Cognos)
    ‣ Working with blacklists and whitelists
    ‣ Not understanding the data intrinsically
  • 16. The Government
    Everything is different from Industry
    Scale: e.g., DISA has 5 million live hosts
    Data sources: e.g., ASIM, CIDS
    Types of attacks: I have no example ....
    Adversaries: e.g., Nation states
  • 17. We Need
  • 18. What we Need
    ‣ Leverage advanced technologies (big data, etc.)
    ‣ Build for the actual users, not programmers!
    ‣ End to end tools, not yet another library
    ‣ Interactive, not static!
    ‣ Multiple data sources at once
    ‣ Leverage context, not just event data
    ‣ Decouple data from the tools
    ‣ Crowd intelligence
  • 19. Make it This Simple!
  • 20. Challenges
  • 21. Maturity Challenge
    Companies and products are stuck on the left hand side!
  • 22. Data Challenges
    ‣ No data - no insights - no sit awareness
    ‣ We don’t even have / collect the data
    ‣ It is too hard to collect data
    ‣ We don’t understand our data!
    ‣ Data silos
    ‣ Large amounts of semi-structured data
      ‣ Parsing data is extremely hard
  • 23. Tool Challenges
    ‣ Same old - all over
      ‣ Does your SIEM support visual analytics?
    ‣ Missing: Brushing, Interactivity
    ‣ Help the user understand the data!
    ‣ Highly scalable visualization systems are hard to build!
    ‣ What algorithms are useful? (e.g., clustering)
    ‣ Visualization expertise is missing
    ‣ Visualization AND security is an interdisciplinary problem
    (side labels on the slide: Overview first / Zoom and Filter / Details on demand)
  • 24. Visualization Challenges
    ‣ Skilled people are missing
    ‣ What are we even trying to look for?
    ‣ Anomaly detection is not working
    ‣ Academia is disconnected
      ‣ Use-cases and problems
      ‣ State of the art in industry
    ‣ Visualization is always an afterthought
  • 25. Myths
    ‣ Real-time
      ‣ Do we really need real-time?
    ‣ Hadoop
      ‣ Not everything that is big data needs to use Hadoop!
      ‣ Know your technologies!
    ‣ Cloud
      ‣ Will we ever put security relevant data into the cloud?
  • 26. Resources
    ‣ SecViz: http://secviz.org and @secviz
    ‣ CERT - NetSA: http://www.cert.org/netsa/
      ‣ Mainly a collection of papers and links to some tools (SiLK)
    ‣ VizSec Conference: http://www.vizsec.org
    ‣ Applied Security Visualization, R. Marty, 2008
  • 27. pixlcloud - creating big data stories - buy now - @raffaelmarty
    copyright (c) by r. marty - december 2011
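The pipeline sketched on slide 12 (data sources → parsing → structured data → filtering, aggregation, cleansing → visual representation), applied to two data sources at once with host context attached, as slide 18 asks for. This is an added example, not code from the deck or from pixlcloud; the flow export format, the firewall log format, the host inventory and all addresses are constructed for illustration, and the output is a plain source-by-destination count matrix so that it stays decoupled from whatever tool draws the heatmap.

```python
import re
from collections import Counter

# Constructed sample input (not real traffic): a NetFlow-style CSV export
# (timestamp,src,dst,dport,proto,bytes) ...
FLOW_RECORDS = """\
2011-12-01T10:00:01,10.0.0.2,1.1.1.1,443,tcp,1200
2011-12-01T10:00:05,10.0.0.2,9.4.242.10,53,udp,80
2011-12-01T10:00:09,10.0.0.7,1.1.1.1,443,tcp,5400
"""
# ... and an iptables-style firewall log with one deliberately malformed line.
FIREWALL_LOG = """\
Dec  1 10:00:02 fw1 kernel: DROP IN=eth0 SRC=9.4.242.10 DST=10.0.0.2 PROTO=TCP DPT=22
Dec  1 10:00:06 fw1 kernel: ACCEPT IN=eth0 SRC=10.0.0.2 DST=1.1.1.1 PROTO=TCP DPT=443
Dec  1 10:00:07 fw1 kernel: this line is deliberately malformed
"""
# Constructed host inventory, the "context information" of slide 9.
HOST_CONTEXT = {
    "10.0.0.2": {"role": "workstation", "owner": "alice"},
    "10.0.0.7": {"role": "server", "owner": "ops"},
}
FW_RE = re.compile(r"(?P<action>ACCEPT|DROP) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
                   r"PROTO=(?P<proto>\S+) DPT=(?P<dport>\d+)")

def parse_flows(text):
    """Flow export -> common event schema; returns (events, dropped_line_count)."""
    events, dropped = [], 0
    for line in text.splitlines():
        fields = line.split(",")
        if len(fields) != 6:          # cleansing: skip, but count, bad lines
            dropped += 1
            continue
        ts, src, dst, dport, proto, nbytes = fields
        events.append({"source": "flow", "src": src, "dst": dst, "dport": int(dport),
                       "proto": proto.lower(), "action": "accept", "bytes": int(nbytes)})
    return events, dropped

def parse_firewall(text):
    """Firewall log -> the same schema, so both sources can be analyzed at once."""
    events, dropped = [], 0
    for line in text.splitlines():
        m = FW_RE.search(line)
        if not m:
            dropped += 1
            continue
        events.append({"source": "firewall", "src": m["src"], "dst": m["dst"],
                       "dport": int(m["dport"]), "proto": m["proto"].lower(),
                       "action": m["action"].lower(), "bytes": None})
    return events, dropped

def enrich(events, context):
    """Context integration: tag each event with what the inventory knows about its source."""
    for e in events:
        ctx = context.get(e["src"], {"role": "unknown", "owner": None})
        e["src_role"], e["src_owner"] = ctx["role"], ctx["owner"]
    return events

def aggregate(events, action=None):
    """Filter (optionally by firewall action) and aggregate into a src x dst
    count matrix: the structured data a heatmap or link graph is drawn from."""
    matrix = Counter()
    for e in events:
        if action is None or e["action"] == action:
            matrix[(e["src"], e["dst"])] += 1
    return matrix

def build_view(action=None):
    """Run the whole pipeline over both constructed sources and return
    (matrix, unparsable_line_count, enriched_events) for any renderer to use."""
    flows, d1 = parse_flows(FLOW_RECORDS)
    fw, d2 = parse_firewall(FIREWALL_LOG)
    events = enrich(flows + fw, HOST_CONTEXT)
    return aggregate(events, action), d1 + d2, events
```

The unparsable-line count is returned on purpose: slide 22's point that parsing is hard means a view that silently drops records misleads the analyst, so the number of dropped lines belongs next to the picture.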