Smart Analytics for The Big Unknown
Adrian DUMITRESCU
adrian.dumitrescu@qeast.ro
www.qeast.ro
The Biggest (Cyber)Security Challenge In The World Today
IN 2016 SECURITYCURRENT.COM RELEASED RESEARCH
25 CISOs identified the biggest security challenges for the new year
• The ability to detect and manage an incident
• Securing personally identifiable information records from cyber attacks
• Building a pervasive security culture at employee level
• Conversion of the traditional end-point protection into technologies that can counteract ransomware
• Reduce breach detection times and close all digital doors
• Transform the role of the CISO from business solution providers to leaders and protectors
• Manage cyberthreats in the IoT world
• Accelerate the adoption of simple things: asset inventory, implement strong admin and user authentication, device encryption, backup etc.
• Elevate the “state of IT security” and communicate the right information to leadership
• Focus on compliance standards implementation
http://www.securitycurrent.com/en/ciso_journal/ac_ciso_journal/cisos-identify-the-biggest-security-challenges-as-they-enter-the-new-year
REAL LIFE APPLICATION OF THOSE CONCERNS
Capture ATP
Intrusion Prevention
Intrusion Detection
THE BIGGEST SECURITY CHALLENGE IN THE WORLD TODAY
“...a wealth of information creates a poverty of attention...”
― Herbert A. Simon
“In the Information Age, the first step to sanity is FILTERING.
Filter the information: extract for knowledge.”
― Marc Stiegler
Where is the knowledge we have lost in information?
― T. S. Eliot
THE BIGGEST SECURITY CHALLENGE IN THE WORLD TODAY
IDC predicts that, by 2020, organizations that analyze all relevant data and deliver actionable information will achieve extra $430 billion in productivity gains over their less analytically oriented peers.
Fast, accurate security insights that lead to better business decisions
It’s hard to deliver business value when you’re dealing with data that’s:
• Poor quality or incomplete
• Stale
• Siloed in dozens of unconnected applications
• Drawn from external sources that you don't control
Introduction
About Us
ABOUT OUR COMPANY
Q-East Software
Has built 15 years of excellence distributing high performance IT&C solutions, being now positioned as the trusted partner of choice in integrated software and hardware solutions projects, for both private companies and public institutions.
With vision and expertise, Q-East Software provides state-of-the-art solutions for the management and security of systems, databases and applications.
SOLVING THE TOP PRIORITIES FOR IT
We give you the time you need to…
• Modernize infrastructure for the cloud
• Enable a data-driven business
• Automate complex processes
• Optimize the application experience
• Improve efficiency and free up resources for other tasks
• Accelerate “Cloud Readiness”
• Make data always available to more users, anywhere
• Deliver applications that the business needs, faster
COMPANY ACTIVITY IN NUMBERS
• 15 years of experience in medium and large scale projects
• Over 450 happy customers in both private and public sectors
• Projects with over 6 PB transferred data
• Over 6,000 audited systems
• Multiple Oracle, Microsoft, Quest certifications received by our experts
Smart Big Data Analytics
5 IT AUDITING & COMPLIANCE MISTAKES ORGANIZATIONS MAKE
1. Lack of visibility into who is doing what in application silos.
2. Underestimating user & organizational impact.
3. Inconsistent or absent GRC strategy.
4. Inadequate data protection.
5. Failure to plan and manage external and internal audits.
WHAT IF YOU COULD…
1. With one view answer: who has access, how was it obtained, and how was it used – all in real time?
2. Complete investigations with full-text search of critical IT data and its relation to users and events?
3. Report on user activity for internal investigations and compliance?
4. Be alerted on violations, malicious activity and suspicious trends as they happen?
5. Automate and secure collection of log data from disparate platforms without needing expertise?
6. Save expensive storage space and maintain compliance by storing event logs in a compressed, encrypted format?
7. Troubleshoot and pinpoint problems should an incident occur for operational visibility?
8. Improve insight and communication across teams with flexible reporting?
9. Eliminate information security silos with integration for SIEM solutions?
10. Leverage security and auditing solutions already in place?
THIS IS WHY WE CREATED SMART INVESTIGATOR
A high performance investigation and analytics tool with contextual, industry-specific dashboards: all in one place, in real time, to enhance the value of your existing security setup
• One Single View over All Events: High-speed event search
• Real-time Alerts: Enabling immediate measures
• Industry-specific Dashboards: Rapid decision making among infinite data logs
• Predefined Scheduled Reports: For compliance and reduced internal effort
• Fast Deployment: 30 minutes - 4 hours, depending on the customer’s complexity
SECURITY ANALYTICS PLATFORM
• Precise identification of security incidents through innovative multi-SIEM/multi-platform data correlation
• Real-time / schedule based connectivity to classical SIEM systems for data feeds
• Embedded reports to validate control efficiency and effectiveness for frameworks and standards: ISO 27001, COBIT, FISMA, HIPAA, PCI/DSS, SOX
• And more…
HIGH LEVEL CAPABILITIES
• Pre-configured connectors for a wide number of industry standard platforms: operating systems, ODBC databases, communications platforms, network devices, firewalls, IDS/IPS and database security solutions, SIEMs
• JavaScript based event log parsing
• NetFlow integration
• Report packs for multiple technologies and compliance standards
• Advanced Event Browser
• Unlimited data storage that is compressed, encrypted and digitally signed
• Unlimited number of nodes and scalability for all components (data collection, data parsing, data storage)
• Full Cisco support and Unified Event Bus
• Biometric security data integration
ONGOING DEVELOPMENT AND INTEGRATION
• Over 100 supported technologies from the initial 12
• Focus on security analytics and business insights
• Scaled up from 25,000 EPS to over 200,000
• Scaled up from 2TB of repository data to over 20TB, and query response times cut from tens of minutes to <5 minutes
• Added built-in compliance for COSO and FIEL and reshaped the existing report packs
• Added case management module
• New modules for internal security evaluation and response: identity theft (biometrics and identity solutions integration, internal fraud)
• New dedicated connectors for unified communications and distinct security platforms
• New data collection, data parsing and data storage processors
• New user interface for extended visibility into business processes
Version 2.x has been in production since May 2017
ONGOING DEVELOPMENT AND INTEGRATION
• GDPR compliance dashboards and reports
• Integration with industry-standard solutions like Dell Boomi and Informatica PowerCenter
• Integration with compliance solutions designed for cloud (Azure AD, Office 365)
• Integration with data protection solutions (DLP, CDP, Backup and Deduplication)
• Release of Smart Investigator for Human Resources Departments as a standalone product
• Smart Investigator BI Edition will become a standalone product as Smart Investigator for Business
• Smart Investigator Internal Fraud module will be sold only as part of the Smart Investigator for Financial standalone product
What is coming with version 3.0 (starting May 2018)
• Prepare: Data Protection Impact Assessment
• Authorization: Obtain prior Authorization from the Supervisory Authority
• Protect & Secure: Protect all data
• Review: Data Protection Compliance Review
• Manage: Define the way data is collected and managed
• Data Protection Officer
EVALUATING BUSINESS RISKS IN TERMS OF SECURITY AND COMPLIANCE
ENTERPRISE SECURITY: END-TO-END AUDIT AND COMPLIANCE
• Graphical anomaly analyzer starting from one single exception event
• Correlation between tens of millions of events in seconds
• User-defined alerts for the most specific event requirements
• Intensive industry-specific expertise for high visibility and compliance
• Integration with physical security systems and correlation of data logs with real life events
• Based on synthesized results displayed into graphical intuitive charts
Case Studies
Vodafone Online Management Platform
The National Platform for Fiscal Statements
Transelectrica GIS Platform
The Biometric Passport
The Electronic Vignette
The Electronic Criminal Record
Data Integration National Health Insurance House
Security Access Management Erste Bank
Secure Authentication In Sumitomo Electric Bordnetze
WE TAKE PRIDE IN OUR PROJECTS
Q-East Software has actively participated in large-scale national and international strategic projects, based on the good cooperation we have established with major System Integrators active on the Romanian market.
Hella International Active Directory Migration
Volksbank Romania Lotus Domino Migration
Autoliv Notes Applications Migration
OUR CLIENTS
BANKS
FINANCIAL
ENERGY
TELECOMMUNICATIONS
GOVERNMENTAL INSTITUTIONS
UTILITIES & RETAIL
Long-lasting partnerships with over 450 companies and institutions
Q-East Software provides information management, information security, data protection and identity and access management solutions for companies in the following industries:
• Financial & Banking;
• Telecommunications;
• Utilities;
• Energy;
• Oil & Gas;
• Public institutions and governmental agencies.
CERT-RO
Big Data Security Event Correlation and Analytics
CERT-RO is constantly looking to adopt the newest technologies in order to respond quickly to cyber-attacks, and also to create an active framework of public awareness in the field of cybersecurity.
The need to proactively detect threats in real time is vital, considering the proliferation of multiple, increasingly sophisticated attack forms, most of them created with advanced and persistent techniques.
Smart Investigator was successfully adopted as a single display and alerting layer over all security platforms in operation, for its flexible scaling capabilities, both architectural and in data volume, and for the quick insights it provides over tens of terabytes of data.
Customer benefits:
• Search and analysis over billions of events in near real-time
• Intelligent and detailed analysis of each security event, in just a few clicks
• Data correlation between infrastructure and operational applications
• Integration of all existing security systems in a single pane
• Increased decision capacity and support via intuitive dashboards
• Unlimited horizontal scalability without additional software costs
CERTSIGN
Big Data Security Event Correlation and Analytics
certSIGN is the first private CERT organization, with the mission to protect individual endpoint users against security incidents. certSIGN's main activity is issuing and renewing digital certificates, but it also offers complete solutions for data, transactions and authentication integrity.
In order to keep the standard of its security services high, certSIGN tested a wide range of compliance solutions over time. They invested heavily in multiple SIEMs, each for a purpose. In time, they also faced information scattered across all systems and technologies and the inability to provide a fast response against a threat affecting more than one division.
Smart Investigator proved to be the only solution scalable enough and flexible enough to deliver a fast reaction against any inside or external threat. A major concern addressed by our solution was the real-time, 24x7 detection and prohibition of non-compliant access to confidential information held in heterogeneous data stores, both structured and unstructured.
The flexible implementation capabilities allowed for complete elimination of false alerts, while security teams can quickly intervene to remediate, preserving the integrity of private data and preventing its leakage. Full data aggregation over all SIEMs in place also provides a single-pane image of all monitored platforms, while potential anomalies are easily brought to the surface.
Customer benefits:
• GDPR compliance by default, with 80% default coverage of regulatory demands
• Proactive supervision of work processes and applications
• Precise identification of security incidents by innovative correlation
• Single pane security glass
Visual investigation workflow allowing travelling back and forth on the event track
Screenshots
Smart filtering, simple and/or composed
Screenshots
Top Event Categories
Top Event Types: Warning, Failure audit, Success audit, Error, Information
Top Event Sources
Screenshots
Top IP addresses (internal and external) generating events
Top internal IP addresses generating events
Top external IP addresses generating events
Screenshots
ANAF INTEGRITY DIVISION
Criminal investigations over ANAF applications
ANAF’s Integrity Division was created as an internal team of police officers with the single purpose of gathering and investigating evidence of criminal activity performed by ANAF’s personnel, as part of standard prosecuting procedure.
The biggest challenge was to be able to search and correlate information produced by more than 160 financial applications developed in the past 20 years, and used by more than 25,000 employees, in order to provide the required evidence of criminal activity.
They needed a solution that could extract data from all 160 applications, using more than 100 distinct connectors, and counting hundreds of thousands of records each day. The data had to be kept online for 6 months, and archived for the next 5 years. In addition, the requirements applied to all data currently in ANAF’s silos, some dating back to 2003. Execution time: 5 months.
We qualified Smart Investigator together with the Internal Fraud module and Quest Compliance Suite and were able to meet all demands on time and within the tight budget, thanks to the ease with which the product allows new connectors, dashboards and reports to be created, and to the analytics capabilities that allowed for the proper correlation and display of extremely heterogeneous data.
The extreme compression abilities and no-sql search capabilities allowed the minimal requirements to be exceeded, and at this moment the solution is able to keep 1 year of data online, while archiving for 10 years. Extracting and making available data from archives takes less than 24 hours, in case of need. Reports can be produced in minutes, and investigations can be performed in near real-time across all online silos, no matter the level of depth.
ANAF INTEGRITY DIVISION INVESTIGATION
VODAFONE ROMANIA
Internal audit, security analytics and fraud management
Vodafone has a long history of using Q-East Software solutions for managing its compliance over systems and custom applications. The company uses a global SIEM provider to monitor the external security level, and a local deployment for internal audits. In the past years, the Security Department also implemented several other security platforms over network, databases and applications.
The main challenge came when the Business decided to unify operational activity over all security applications, and correlate it with insights from SIEM and internal audit in order to have the big compliance picture.
In addition, they reshaped the fraud management platform and decided to implement a unified solution that can handle all of the above. All data needed to be enhanced with information from custom applications.
Smart Investigator was the solution of choice following an internal PoC that took over 6 months, with more than 100 customizations being implemented to address custom loads.
Customer benefits:
• Multi-SIEM/multi-platform data correlation using unique algorithms
• Fast search over millions of aggregated events in seconds
• Over 100k eps processed in real-time from security platforms
• Real-time, no-impact connectivity to SIEM and security applications
• Synthetic results presented in diagrams designed to support the decision process
• Built-in reports customized to support ISO 27001, COBIT, PCI DSS and SOX compliance over all integrated platforms
• User-defined alerts for any new request
VODAFONE ROMANIA INTERNAL FRAUD ANALYTICS
• Data aggregation from custom applications and fraud identification
• Setting summary alerts based on identified fraud cases
• Alerting based on defined scenario and adding fraudulent events
• Pinpoint the fraud responsible
AADR DIGITAL AGENDA STRATEGY
Support for the Romanian Digital Agenda Strategy
The Romanian Digital Agenda Agency manages IT systems of national interest that are destined for electronic governance. The Agency has a long term purpose of implementing the Romanian Digital Agenda Strategy.
AADR manages important systems like: SEN (e-guvernare.ro), SEAP (e-licitatie.ro), SAET (autorizatiiauto.ro), SNEP (ghiseul.ro), PCUE (edirect.e-guvernare.ro). The Public Acquisitions Electronic System (SEAP) has the biggest focus due to the high utilization rate and the continuous functionality requirement (14,721 contractors, 56,483 deponents and over 300 md lei in initiated procedures). As well, SAET had a total of over 21 md lei in taxes.
As part of its goal to efficiently and securely administer these systems, AADR implemented, over the years, a number of SIEM solutions, as well as other security platforms. The last internal audit revealed the need for a solution that can unify information provided by all these systems, and also act as a business layer over the implemented systems.
AADR started its process of mapping Smart Investigator for security insight and business analytics in December 2016, and SEAP was chosen as a first integration. As part of the project, a mandatory business requirement was to implement a set of competition indicators and also to act as a fraud investigation solution to be used by the Competition Council to detect and react to evidence of fake bids.
Project highlights:
• Application log management and fast reaction solution for electronic applications of national interest
• Part of the Digital Agenda Strategy for Romania
• Integration with AlienVault, ArcSight and Quest Compliance Suite
• Advanced correlation, alerting, storage and display on electronic activity for over 100,000 registered users
• Implementation of “Toolkit for detecting collusive bidding in public procurement” EU standard
• Fraud detection thanks to the BI module and Internal Fraud module
AADR DETECTION OF FRAUDULENT BIDS
• The relative value of contracts (starting indices)
• Attending announcements (starting indices)
• Three bidders with 100% win (statistical indicator)
• Market leaders (statistical indicator)
• Market leaders per product type (statistical indicator)
VIG POLAND
Event Log Management with HR data incident response
Vienna Insurance Group operates via a total of five companies and four brand names on the Polish insurance market. VIG companies include Compensa Life and Non-Life, InterRisk, Polisa and the life insurer Skandia.
From the IT point of view, VIG Poland is a hybrid of more-or-less integrated companies, but with common departments for application development, system management, security and human resources. These are the key beneficiaries of our Smart Investigator implementation, where the distinctive approach and the solution value lie in:
• Multi-tenant approach against the unified infrastructures
• Correlation of user activity under different identities coming from various identity stores
• Integration of data flows from the current security solutions in place, including FireEye
• Event data enrichment with information from Cisco NetFlow and SNMP data
• Addressing heterogeneous operating systems, database platforms, application logs and web application outputs in a unified manner
• Integration of Exchange Tracking Logs for DLP purposes
• HR data correlation for detection and response against access and authentication events coming from deprovisioned employees
VIG POLAND IMPLEMENTATION EXAMPLES
• Classic data correlation and aggregation of multiple technologies over multiple identity sources
• New technology report packs, … correlation with HR list of expired labor contracts
• Infections detected in FireEye
• Event correlation dynamic lists
Thank you!
http://www.smart-investigator.com/
http://www.qeast.ro/

CE Cybersecurity Trends and Strategies for Hosting in the CloudCE Cybersecurity Trends and Strategies for Hosting in the Cloud
CE Cybersecurity Trends and Strategies for Hosting in the Cloud
 
IBM Internet of Things Offerings
IBM Internet of Things OfferingsIBM Internet of Things Offerings
IBM Internet of Things Offerings
 
Why WSO2 for Digital Transformation
Why WSO2 for Digital TransformationWhy WSO2 for Digital Transformation
Why WSO2 for Digital Transformation
 
Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking Cloud & Big Data - Digital Transformation in Banking
Cloud & Big Data - Digital Transformation in Banking
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2
 
CL2015 - Datacenter and Cloud Strategy and Planning
CL2015 - Datacenter and Cloud Strategy and PlanningCL2015 - Datacenter and Cloud Strategy and Planning
CL2015 - Datacenter and Cloud Strategy and Planning
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
 
Watson kista summit 2018 box
Watson kista summit 2018 box Watson kista summit 2018 box
Watson kista summit 2018 box
 
18th Athens Big Data Meetup - 1st Talk - Timeseries Forecasting as a Service
18th Athens Big Data Meetup - 1st Talk - Timeseries Forecasting as a Service18th Athens Big Data Meetup - 1st Talk - Timeseries Forecasting as a Service
18th Athens Big Data Meetup - 1st Talk - Timeseries Forecasting as a Service
 
Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation? Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation?
 
Security Implications of Accenture Technology Vision 2015 - Executive Report
Security Implications of Accenture Technology Vision 2015 - Executive ReportSecurity Implications of Accenture Technology Vision 2015 - Executive Report
Security Implications of Accenture Technology Vision 2015 - Executive Report
 
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business ProductivityManage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
 
Delve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of ThingsDelve Labs - Upcoming Security Challenges for the Internet of Things
Delve Labs - Upcoming Security Challenges for the Internet of Things
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
 
IntelAdapt
IntelAdaptIntelAdapt
IntelAdapt
 
Redington Value Journal - September 2016
Redington Value Journal - September 2016Redington Value Journal - September 2016
Redington Value Journal - September 2016
 
Glasswall - Safety and Integrity Through Trusted Files
Glasswall - Safety and Integrity Through Trusted FilesGlasswall - Safety and Integrity Through Trusted Files
Glasswall - Safety and Integrity Through Trusted Files
 
Cisco Award Write Up
Cisco Award Write UpCisco Award Write Up
Cisco Award Write Up
 

Recently uploaded

Gregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics PresentationGregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics Presentation
gharris9
 
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AwangAniqkmals
 
Gregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptxGregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptx
gharris9
 
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Dutch Power
 
2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf
Frederic Leger
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
faizulhassanfaiz1670
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
Howard Spence
 
Burning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdfBurning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdf
kkirkland2
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Sebastiano Panichella
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Access Innovations, Inc.
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
eCommerce Institute
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
Faculty of Medicine And Health Sciences
 
Tom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issueTom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issue
amekonnen
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
Sebastiano Panichella
 
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Dutch Power
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Sebastiano Panichella
 
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie WellsCollapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Rosie Wells
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
khadija278284
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Matjaž Lipuš
 

Recently uploaded (19)

Gregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics PresentationGregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics Presentation
 
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
 
Gregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptxGregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptx
 
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
 
2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
 
Burning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdfBurning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdf
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
 
Tom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issueTom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issue
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
 
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
 
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie WellsCollapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
 

Smart Analytics for The Big Unknown

  • 1. Smart Analytics for The Big Unknown Adrian DUMITRESCU adrian.dumitrescu@qeast.ro www.qeast.ro
  • 2. The Biggest (Cyber)Security Challenge In The World Today
  • 3. IN 2016 SECURITYCURRENT.COM RELEASED A RESEARCH 25 CISOs identified the biggest security challenges for the new year: • The ability to detect and manage an incident • Securing personally identifiable information records from cyber attacks • Building a pervasive security culture at employee level • Conversion of the traditional end-point protection into technologies that can counteract ransomware • Reduce breach detection times and close all digital doors • Transform the role of the CISO from business solution providers to leaders and protectors • Manage cyberthreats in the IoT world • Accelerate the adoption of simple things: asset inventory, implement strong admin and user authentication, device encryption, backup etc. • Elevate the “state of IT security” and communicate the right information to leadership • Focus on compliance standards implementation http://www.securitycurrent.com/en/ciso_journal/ac_ciso_journal/cisos-identify-the-biggest-security-challenges-as-they-enter-the-new-year
  • 4. REAL LIFE APPLICATION OF THOSE CONCERNS Capture ATP, Intrusion Prevention, Intrusion Detection
  • 5. THE BIGGEST SECURITY CHALLENGE IN THE WORLD TODAY “...a wealth of information creates a poverty of attention...” ― Herbert A. Simon “In the Information Age, the first step to sanity is FILTERING. Filter the information: extract for knowledge.” ― Marc Stiegler Where is the knowledge we have lost in information? ― T. S. Eliot
  • 6. THE BIGGEST SECURITY CHALLENGE IN THE WORLD TODAY IDC predicts that, by 2020, organizations that analyze all relevant data and deliver actionable information will achieve extra $430 billion in productivity gains over their less analytically oriented peers. Fast, accurate security insights that lead to better business decisions It’s hard to deliver business value when you’re dealing with data that’s: • Poor quality or incomplete • Stale • Siloed in dozens of unconnected applications • Drawn from external sources that you don't control
  • 8. ABOUT OUR COMPANY Q-East Software has built 15 years of excellence distributing high performance IT&C solutions, being now positioned as the trusted partner of choice in integrated software and hardware solutions projects, for both private companies and public institutions. With vision and expertise, Q-East Software provides state-of-the-art solutions for the management and security of systems, databases and applications.
  • 9. SOLVING THE TOP PRIORITIES FOR IT We give you the time you need to… • Modernize infrastructure for the cloud • Enable a data-driven business • Automate complex processes • Optimize the application experience • Improve efficiency and free up resources for other tasks • Accelerate “Cloud Readiness” • Make data always available to more users, anywhere • Deliver applications that the business needs, faster
  • 10. COMPANY ACTIVITY IN NUMBERS • 15 years of experience in medium and large scale projects • Over 450 happy customers in both private and public sectors • Projects with over 6 PB transferred data • Over 6,000 audited systems • Multiple Oracle, Microsoft, Quest certifications received by our experts
  • 11. Smart Big Data Analytics
  • 12. 5 IT AUDITING & COMPLIANCE MISTAKES ORGANIZATIONS MAKE 1 Lack of visibility into who is doing what in application silos. 2 Underestimating user & organizational impact. 3 Inconsistent or absence of a GRC strategy. 4 Inadequate data protection. 5 Failure to plan and manage external and internal audits.
  • 13. WHAT IF YOU COULD… 1 With one view answer: who has access, how was it obtained, and how was it used – all in real time? 2 Complete investigations with full-text search of critical IT data and its relation to users and events? 3 Report on user activity for internal investigations and compliance? 4 Be alerted on violations, malicious activity and suspicious trends as they happen? 5 Automate and secure collection of log data from disparate platforms without needing expertise? 6 Save expensive storage space and maintain compliance by storing event logs in a compressed, encrypted format? 7 Troubleshoot and pinpoint problems should an incident occur for operational visibility? 8 Improve insight and communication across teams with flexible reporting? 9 Eliminate information security silos with integration for SIEM solutions? 10 Leverage security and auditing solutions already in place?
  • 14. THIS IS WHY WE CREATED SMART INVESTIGATOR A high performance investigation and analytics tool with contextual, industry-specific dashboards: all in one place, in real time, to enhance the value of your existing security setup • One Single View over All Events: High-speed event search • Real-time Alerts: Enabling immediate measures • Industry-specific Dashboards: Rapid decision making among infinite data logs • Predefined Scheduled Reports: For compliance and reduced internal effort • Fast Deployment: 30 minutes - 4 hours, depending on the customer’s complexity
  • 15. SECURITY ANALYTICS PLATFORM • Precise identification of security incidents through innovative multi-SIEM/multi-platform data correlation • Real-time / schedule based connectivity to classical SIEM systems for data feeds • Embedded reports to validate control efficiency and effectiveness for frameworks and standards: ISO 27001, COBIT, FISMA, HIPAA, PCI/DSS, SOX • And more…
  • 16. HIGH LEVEL CAPABILITIES • Pre-configured connectors for a wide number of industry standard platforms: operating systems, ODBC databases, communications platforms, network devices, firewalls, IDS/IPS and database security solutions, SIEMs • JavaScript based event log parsing • NetFlow integration • Report packs for multiple technologies and compliance standards • Advanced Event Browser • Unlimited data storage that is compressed, encrypted and digitally signed • Unlimited number of nodes and scalability for all components (data collection, data parsing, data storage) • Full Cisco support and Unified Event Bus • Biometric security data integration
  • 17. ONGOING DEVELOPMENT AND INTEGRATION • Over 100 supported technologies from the initial 12 • Focus on security analytics and business insights • Scaled up from 25,000 EPS to over 200,000 • Scaled up from 2TB of repository data to over 20TB and queries response from tens of minutes to <5 minutes • Added built-in compliance for COSO and FIEL and reshaping the existing report packs • Added case management module • New modules for internal security evaluation and response: identity theft (biometrics and identity solutions integration, internal fraud) • New dedicated connectors for unified communications and distinct security platforms • New data collection, data parsing and data storage processors • New user interface for extended visibility into business processes Version 2.x has been in production since May 2017
  • 18. ONGOING DEVELOPMENT AND INTEGRATION • GDPR compliance dashboards and reports • Integration with industry-standard solutions like Dell Boomi and Informatica PowerCenter • Integration with compliance solutions designed for cloud (Azure AD, Office 365) • Integration with data protection solutions (DLP, CDP, Backup and Deduplication) • Release of Smart Investigator for Human Resources Departments as standalone product • Smart Investigator BI Edition will become a standalone product as Smart Investigator for Business • Smart Investigator Internal Fraud module will be sold only as part of the Smart Investigator for Financial standalone product What comes up with version 3.0 (starting May 2018) Diagram labels: Prepare, Authorization, Protect & Secure, Review, Manage; Data Protection Impact Assessment; Obtain prior Authorization from the Supervisory Authority; Protect all data; Data Protection Compliance Review; Define the way data is collected and managed; Data Protection Officer
  • 19. EVALUATING BUSINESS RISKS IN TERMS OF SECURITY AND COMPLIANCE
  • 20. ENTERPRISE SECURITY: END-TO-END AUDIT AND COMPLIANCE • Graphical anomaly analyzer starting from one single exception event • Correlation between tens of millions of events in seconds • User-defined alerts for the most specific event requirements • Intensive industry-specific expertise for high visibility and compliance • Integration with physical security systems and correlation of data logs with real life events • Based on synthesized results displayed into graphical intuitive charts
  • 22. WE TAKE PRIDE IN OUR PROJECTS Q-East Software has actively participated in large-scale national and international strategic projects, based on the good cooperation we have established with major System Integrators active on the Romanian market. Vodafone Online Management Platform The National Platform for Fiscal Statements Transelectrica GIS Platform The Biometric Passport The Electronic Vignette The Electronic Criminal Record Data Integration National Health Insurance House Security Access Management Erste Bank Secure Authentication In Sumitomo Electric Bordnetze Hella International Active Directory Migration Volksbank Romania Lotus Domino Migration Autoliv Notes Applications Migration
  • 23. OUR CLIENTS BANKS, FINANCIAL, ENERGY, TELECOMMUNICATIONS, GOVERNMENTAL INSTITUTIONS, UTILITIES & RETAIL Long-lasting partnerships with over 450 companies and institutions Q-East Software provides information management, information security, data protection and identity and access management solutions for companies in the following industries: • Financial & Banking; • Telecommunications; • Utilities; • Energy; • Oil&Gas; • Public institutions and governmental agencies.
  • 24. CERT-RO Big Data Security Event Correlation and Analytics CERT-RO is permanently looking to access the newest technologies in order to quickly respond to cyber-attacks, but also to create an active frame of public acknowledgement in the field of cybersecurity. The need to proactively detect defense threats in real-time is vital, considering the proliferation of multiple, increasingly sophisticated attack forms, most of them being created with advanced and persistent techniques. Smart Investigator was successfully adopted as a single purpose display and alert over all security platforms in function, for its flexible scaling capabilities – both architectural and as a spanning data volume – and for the quick insights it provides over tens of terabytes of data. Customer benefits: • Search and analysis over billions of events in near real-time • Intelligent and detailed analysis of each security event, from just a few clicks • Data correlation between infrastructure and operational applications • Integration in a single pane, of all existing security systems • Increased decision capacity and support via intuitive dashboards • Unlimited horizontal scalability without additional software costs
  • 25. CERTSIGN Big Data Security Event Correlation and Analytics certSIGN is the first private CERT organization, with the mission to protect individual endpoint users against security incidents. certSIGN has as main activity the release and renewal of digital certificates, but it also offers complete solutions for data, transactions and authentication integrity. In order to keep its security services standard at a high level, certSIGN tested a long range of compliance solutions over time. They invested heavily in multiple SIEMs, each for a purpose. In time, they also faced a dissemination of information across all systems and technologies and the inability to provide a fast response against a threat affecting more than one division. Smart Investigator proved to be the only solution scalable enough and flexible enough to deliver a fast reaction against any inside or external threat. A major concern addressed by our solution was the real-time, 24x7 detection and prohibition of non-compliant access against confidential information held in heterogeneous data deposits, both structured and unstructured. The flexible implementation capabilities allowed for complete elimination of false alerts, while security teams can quickly intervene to remediate and save the integrity and data leak of privacy data. Also full data aggregation over all SIEMs in place provides a single-pane image of all monitored platforms, while potential anomalies are easily brought to surface. Customer benefits: • GDPR compliance by default, with 80% default coverage of regulatory demands • Proactive supervision of work processes and applications • Precise identification of security incidents by innovative correlation • Single pane security glass
  • 26. Visual investigation workflow allowing travelling back and forth on the event track Screenshots
  • 28. Top Event Categories Top Event Types: Warning Failure audit Success audit Error Information Top Event Sources Screenshots
  • 29. Top IP addresses (internal and external) generating events Top internal IP addresses generating events Top external IP addresses generating events Screenshots
  • 30. ANAF INTEGRITY DIVISION Criminal investigations over ANAF applications ANAF’s Integrity Division was created as an internal team of police officers with the single purpose of gathering and investigating proofs of criminal activity performed by ANAF’s personnel, as part of standard prosecuting procedure. The biggest challenge was to have the ability to search and correlate information produced by more than 160 financial applications developed in the past 20 years, and used by more than 25,000 employees, in order to provide the required evidence of criminal activity. They needed a solution that could extract data from all 160 applications, using more than 100 distinct connectors, and counting hundreds of thousands of records each day. The data had to be kept online for 6 months, and archived for the next 5 years. As an extra, the requirements were valid for all data that is currently in ANAF’s silos, some dating back to 2003. Execution time: 5 months. We qualified Smart Investigator together with the Internal Fraud module and Quest Compliance Suite and were able to meet all demands in the proper time, including the tight budget, due to the product’s easiness in creation of new connectors, new dashboards and new reports, but also by taking benefit of the good analytics capabilities that allowed for the proper correlation and display of extremely heterogeneous data. The extreme compression abilities and no-sql search capabilities allowed for maximization of the minimal requirements, and at this moment the solution is able to keep online 1 year of data, while archiving for 10 years. Extracting and making available data from archives takes less than 24 hours, in case of need. Reports can be produced in minutes, and investigations can be performed in near real-time across all online silos, no matter the level of depth.
  • 31. ANAF INTEGRITY DIVISION INVESTIGATION
  • 32. VODAFONE ROMANIA Internal audit, security analytics and fraud management Vodafone has a long history in using Q-East Software solutions for managing its compliance over systems and custom applications. The company uses a global SIEM provider to monitor the external security level, and a local deployment for internal audits. In the past years, the Security Department also implemented several other security platforms over network, databases and applications. The main challenge came when the Business decided to unify operational activity over all security applications, and correlate with insights from SIEM and internal audit in order to have the big compliance picture. As an extra, they reshaped the fraud management platform and decided to implement a unified solution that can handle all of the above. All data needed to be enhanced with information from custom applications. Smart Investigator was the solution of choice following an internal PoC that took over 6 months, with more than 100 customizations being implemented to address custom loads. Customer benefits: • Multi-SIEM/multi-platform data correlation using unique algorithms • Fast search over millions of aggregated events in seconds • Over 100k eps processed in real-time from security platforms • Real-time, no-impact connectivity to SIEM and security applications • Synthetic results presented in diagrams designed to support the decision process • Built-in reports customized to support ISO 27001, COBIT, PCI DSS and SOX compliance over all integrated platforms • User-defined alerts for any new request
  • 33. VODAFONE ROMANIA INTERNAL FRAUD ANALYTICS • Data aggregation from custom applications and fraud identification • Setting summary alerts based on identified fraud cases • Alerting based on defined scenario and adding fraudulent events • Pinpoint the fraud responsible
  • 34. AADR DIGITAL AGENDA STRATEGY Support for the Romanian Digital Agenda Strategy The Romanian Digital Agenda Agency manages IT systems of national interest that are destined for electronic governance. The Agency has the long-term purpose of implementing the Romanian Digital Agenda Strategy. AADR manages important systems such as: SEN (e-guvernare.ro), SEAP (e-licitatie.ro), SAET (autorizatiiauto.ro), SNEP (ghiseul.ro), PCUE (edirect.e-guvernare.ro). The Public Acquisitions Electronic System (SEAP) has the biggest focus due to the high utilization rate and the continuous functionality requirement (14,721 contractors, 56,483 deponents and over 300 md lei in initiated procedures). As well, SAET had a total of over 21 md lei in taxes. As part of its goal to efficiently and securely administer these systems, AADR implemented, over the years, a number of SIEM solutions, as well as other security platforms. The last internal audit revealed the need for a solution that can unify information provided by all these systems, and also act as a business layer over the implemented systems. AADR started its process of mapping Smart Investigator for security insight and business analytics in December 2016, and SEAP was chosen as a first integration. As part of the project, a mandatory business requirement was to implement a set of competition indicators and to act also as a fraud investigation solution to be used by the Competition Council to detect and react to evidence of fake bids.
Project highlights: • Application log management and fast reaction solution for electronic applications of national interest • Part of the Digital Agenda Strategy for Romania • Integration with AlienVault, ArcSight and Quest Compliance Suite • Advanced correlation, alerting, storage and display of electronic activity for over 100,000 registered users • Implementation of “Toolkit for detecting collusive bidding in public procurement” EU standard • Fraud detection thanks to the BI module and Internal Fraud module
  • 35. AADR DETECTION OF FRAUDULENT BIDS
  • 36. AADR DETECTION OF FRAUDULENT BIDS The relative value of contracts (starting indices); Attending announcements (starting indices); Three bidders with 100% win (statistical indicator); Market leaders (statistical indicator); Market leaders per product type (statistical indicator)
  • 37. VIG POLAND Event Log Management with HR data incident response Vienna Insurance Group operates via a total of five companies and four brand names on the Polish insurance market. VIG companies include Compensa Life and Non-Life, InterRisk, Polisa and the life insurer Skandia. From the IT point of view, VIG Poland is a hybrid of more-or-less integrated companies, but with common departments for application development, system management, security and human resources. These are the key beneficiaries of our Smart Investigator implementation, where the distinctive approach and the solution value lie in: • Multi-tenant approach against the unified infrastructures • Correlation of user activity under different identities coming from various identity stores • Integration of data flows from the current security solutions in place, including FireEye • Event data enrichment with information from Cisco NetFlow and SNMP data • Addressing heterogeneous operating systems, database platforms, application logs and web application outputs in a unified manner • Integration of Exchange Tracking Logs for DLP purposes • HR data correlation for detection and response against access and authentication events coming from deprovisioned employees
  • 38. VIG POLAND IMPLEMENTATION EXAMPLES Classic data correlation and aggregation of multiple technologies over multiple identity sources; New technology report packs, … correlation with HR list of expired labor contracts; Infections detected in FireEye; Event correlation dynamic lists

Editor's Notes

  1. CYBERSECURITY = the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this. CYBERTHREAT = the possibility of a malicious attempt to damage or disrupt a computer network or system.
  2. This is your typical or atypical organization 20 years ago, all going smooth (1) Suddenly threats are starting to come in, cyber-security becomes a buzz-word, and depending on the profile of your organization, you have to deal with various concerns – all related to security (2) First you choose a good firewall – let’s say CheckPoint (3) Then you learn that a best practice is to have sandwiched perimeter protection from two different vendors – and you choose SonicWall because of the 2 mil. sensors worldwide GRID for zero-day protection… (4) … and because it also has APT (5) Despite these, email security becomes a concern because email servers cannot filter spam and phishing by themselves. You choose either leading solution on the market (6) Your employees access applications on the web and vice versa – relations to partners, forms filling etc. IDS and IPS become a must (7) Your organization has employees and computers… (8) … that need to be managed and protected – you choose from the distinguished representatives here, Kace and Kaspersky (9) You also have a datacenter with servers, databases and applications… (10) … that need to be managed and protected – you choose Ivanti, Cisco, F5 and Quest VROOM (for end to end application performance management and data protection) (11) This datacenter also needs to be secured against outside access, at database and web application layer – F5 and Imperva win the bid (12) Fortinet proves to be the best scalable choice to link your HQ, employees and datacenters with a third layer firewall (13) How about the Board of Directors? (14) They want insight from the applications. Informatica. Buzz-words MDM and ILM (15) Your organization also uses the cloud, and they need an MDM sync between on-premise data stores and cloud – let’s say Salesforce (16) Board of directors decides security has a huge impact on business. You need to give them a SIEM tool for cloud and on-premise business layer – If Ivanti was a choice for management, QRadar follows (17) Have you heard of GDPR? Yes it’s near. (18) Make sure data privacy is implemented in your organization… Blancco and Symantec DLP (19) Business processes are tuned up – OneIdentity (20) But you also need to prove compliance – Quest Compliance and ArcSight. Yes, another SIEM tool
  3. Job one of our entire software portfolio is to automate the repetitive and time-consuming work your team does. Every one of our 100K customers is more efficient and thus more effective with their spend. Next, your highly efficient team will be able to modernize your physical and virtual infrastructure so you can move more to the cloud – faster. We get you to the cloud quicker and help you manage your increasingly hybrid environment. Backed by a community of more than 4 million data professionals and expertise across 50 data platforms, we help you spend less on data management and focus more on being data-driven. And we help optimize the application experience so end users have a great experience with every application they use, every time they use it. Everything we do is focused on these four critical issues so you have more time for innovation and driving your business. Let me continue and I will tell you how we do this.
  4. NOTE to Presenter: GRC = Governance, risk management and compliance
  5. More capabilities: Precise and easy identification of incidents through multi-SIEM, multi-platform correlation. Real-time or schedule-based connectivity to classic SIEM systems. Compliance reports for specific and common standards: ISO 27001, COBIT, FISMA, HIPAA, PCI DSS, SOX. For: log analysis, intrusion detection, application fraud alerting, multi-SIEM data correlation, correlation of network data with applications/infrastructure.
  6. More capabilities: Precise and easy identification of incidents through multi-SIEM, multi-platform correlation. Real-time or schedule-based connectivity to classic SIEM systems. Compliance reports for specific and common standards: ISO 27001, COBIT, FISMA, HIPAA, PCI DSS, SOX. For: log analysis, intrusion detection, application fraud alerting, multi-SIEM data correlation, correlation of network data with applications/infrastructure.
  7. NOTE to Presenter: Close to 1mil EUR contracted values since September 2016!!!!
  8. Everyone should understand that for organizations to be successful on a competitive market, it’s not about the technology but about enterprise collaboration and about creating the culture to allow and drive the RIGHT people to do the RIGHT job by using the RIGHT tools. The right technology, in the right situation, can go a long way towards enabling teams and people to manage business processes and, by that, collaborate for the common goal of maximizing business productivity.
  9. 20
  10. Core Capabilities of SIEM Technology: Below are Gartner’s five most common core capabilities of SIEM technology. Event and Data Collectors: SIEM products collect network traffic event data via receipt of a syslog data stream from the monitored event source. Correlation: This establishes relationships among messages or events that are generated by devices, systems, or applications, based on characteristics such as the source, target, protocol, or event type. Correlation is important for threat management (to track and analyze the progression of an attack across components and systems) and for user activity monitoring (to track and analyze the activity of a user across applications, or to track and analyze a series of related transactions or data access events). Event Normalization and Taxonomy: This is a mapping of information from heterogeneous sources to a common classification. A taxonomy aids in pattern recognition and also improves the scope and stability of correlation rules. When events from heterogeneous sources are normalized they can be analyzed by a smaller number of correlation rules, which reduces deployment and support labor. In addition, normalized events are easier to work with when developing reports and dashboards. Scalable Architecture and Deployment Flexibility: These are derived from vendor design decisions in the areas of product architecture, data collection techniques, agent designs, and coding practices. During the planning phase, many organizations underestimate the volume of event data that will be collected, as well as the scope of analysis reporting that will be required. An architecture that supports scalability and deployment flexibility will enable an organization to adapt its deployment in the face of unexpected event volume and analysis.
Deployment and Support Simplicity: For smaller security staffs and more limited system support capabilities, predefined functions and ease of deployment and support simplicity are valued over advanced functionality and extensive customization. This calls for an architecture that supports scalability and deployment flexibility. Embedded knowledge is delivered with predefined dashboard views, reports for specific monitoring tasks and audit requirements, a library of correlation rules for common monitoring scenarios, and event filters for common sources. There should also be an easy way to modify the predefined functions to meet the particular needs of an organization.
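
The normalization and correlation capabilities described in note 10, applied to the HR correlation case from the VIG Poland slide (authentication events from deprovisioned employees seen under different identities). This is an added example, not code from the presentation or from Smart Investigator; the log formats, field names, accounts, identity map and HR dates are constructed assumptions.

```python
import json
import re
from datetime import date, datetime

# Constructed sample data: two sources, two log formats, two identity stores.
SSHD_LINES = [
    "2017-03-02T08:15:04 gw1 sshd[811]: Accepted password for jkowalski from 10.0.4.17",
    "2017-03-09T23:41:10 gw1 sshd[902]: Accepted password for anowak from 10.0.4.22",
    "2017-03-09T23:50:00 gw1 sshd[903]: Failed password for svc_backup from 10.0.9.9",
]
APP_EVENTS = [
    '{"ts": "2017-03-10T01:02:33", "app": "claims", "login": "A.Nowak@corp.example", "result": "OK"}',
    '{"ts": "2017-03-10T01:05:00", "app": "claims", "login": "J.Kowalski@corp.example", "result": "DENIED"}',
]
# Hypothetical identity map (account -> employee id) and HR contract end dates.
IDENTITY_MAP = {"jkowalski": "E1001", "j.kowalski@corp.example": "E1001",
                "anowak": "E1002", "a.nowak@corp.example": "E1002"}
HR_CONTRACT_END = {"E1001": date(2017, 12, 31), "E1002": date(2017, 2, 28)}

SSHD_RE = re.compile(r"^(\S+) (\S+) sshd\[\d+\]: (Accepted|Failed) password for (\S+) from \S+$")

def event(ts, source, ok, account):
    """Common taxonomy shared by every source."""
    return {"time": datetime.fromisoformat(ts), "source": source, "category": "authentication",
            "outcome": "success" if ok else "failure", "account": account.lower()}

def normalize_sshd(line):
    m = SSHD_RE.match(line)
    if m is None:
        return None  # unparsed line; a production pipeline would count these
    ts, host, verdict, user = m.groups()
    return event(ts, "sshd@" + host, verdict == "Accepted", user)

def normalize_app(raw):
    e = json.loads(raw)
    return event(e["ts"], "app:" + e["app"], e["result"] == "OK", e["login"])

def correlate(events):
    """Single rule over normalized events: authentication after contract end."""
    alerts, unmapped = [], []
    for ev in sorted(events, key=lambda e: e["time"]):
        emp = IDENTITY_MAP.get(ev["account"])
        if emp is None:
            unmapped.append(ev["account"])  # cannot be tied to an HR record
        elif ev["time"].date() > HR_CONTRACT_END[emp]:
            alerts.append((emp, ev["source"], ev["account"], ev["outcome"]))
    return alerts, unmapped

def run():
    events = [normalize_sshd(l) for l in SSHD_LINES] + [normalize_app(r) for r in APP_EVENTS]
    return correlate([e for e in events if e is not None])
```

Because both sources are mapped to one schema first, one rule covers both; accounts that cannot be mapped to an employee are returned separately so they can be reviewed instead of silently passing the check.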