SEE CLEARLY AND RESPOND QUICKLY
FROM THE NETWORK TO THE ENDPOINT
May 10, 2017

TODAY’S SPEAKERS
• David Gold, VP, Product Management, ProtectWise
• Rishi Bhargava, Co-founder, Demisto

TODAY’S AGENDA
• Detect, Triage, Remediate: Why Moving Quickly Matters
• Retrospective Threat Detection & Predictive Event Remediation
• Automation & Orchestration
• Hunt More, Respond Less
• Demo

WHY HAS NETWORK SECURITY BEEN SO HARD?
• Multiple, Discrete Point Products in Your Security Environment
• Frequent Changes to Network Technology
• Different Interfaces and Skillset Requirements
• Poor Sharing Capabilities Between Point Products

WHAT KEEPS YOU FROM MOVING QUICKLY?
• Complex Web of Security Controls
• Difficulty Finding Skilled Professionals
• Managing Varied Levels of Experience
• Products Not Working Together

WHERE DO YOU BEGIN?
[Diagram labels: Search, Index, Extract, Store, Capture]
• Collect the Right Data
• Understand the Landscape

WHAT CAN THE CLOUD DO FOR YOU?
Provides Scale & Power
● Long-term retention
● Advanced analytics and detections
● Unified haystack
Enables Insight & Intelligence
● Comprehensive, correlated context
● Continuous analysis
● Pervasive visibility

WHAT CAN YOU DO AS A RESULT?
• Conduct Deeper Forensic Analysis
• Improve Incident Response Processes
• Perform Advanced Threat Hunting
• View the Complete Attack Kill Chain
• Have Better Network Visibility

PROTECTWISE
[Architecture diagram labels: EGRESS, INGEST, VISUALIZER, CORE, CLOUD, REMOTE, INDUSTRIAL]
NETWORK SENSORS
Flexible deployment
OPTIMIZED NETWORK REPLAY
Compression & Optimization up to 80%
ENTERPRISE SECURITY PLATFORM
Secure, long-term full packet retention (months or years)
TIME MACHINE
SECURE VAULT

A TIME MACHINE FOR THREAT DETECTION
[Diagram labels: Network Traffic; Behavioral Analysis, Machine Learning, Heuristics, Signatures; RETROSPECTIVE ANALYTICS (24 hours, 1 month, 6 months, 1 year); PREDICTIVE ANALYSIS (+6 months, +1 month, +24 hours); REAL TIME ANALYTICS; COLLECTIVE CORRELATION (C1, C2, C3)]

DEMISTO
[Diagram labels: FIREWALLS, ENDPOINTS, DETECT, TRIAGE, REMEDIATE, Events, TICKETING SYSTEM, SANDBOX, GATEWAY, Indicators, AUTOMATE, Enriched Data]

HOW OUR JOINT SOLUTION WORKS
AUTOMATIC DETECTION
• Reconnaissance
• Delivery
• Exploit
• Beaconing
• Command & Control
• Fortification
• Actions on Objectives
UNLIMITED FORENSICS
ACTIONS
• Quarantine
• Hunt File
• Geolocate IP
• Detonate File
• … etc. ...
PLAYBOOKS
APPS

SEE CLEARLY AND RESPOND QUICKLY FROM THE NETWORK TO THE ENDPOINT
• Speed helps keep your brand and reputation protected.
• Retrospection keeps your team ahead of sophisticated attacks.
• Automation and orchestration free up your precious limited resources.
• Time savings help make your security team more proactive threat hunters.
MORE INFORMATION
info@protectwise.com
www.protectwise.com
