SlideShare a Scribd company logo

Symantec Webinar: What Cyber Threats Are Lurking in Your Network?

Symantec
Symantec

The document discusses the benefits of network forensics and security analytics solutions. It describes how an online gaming company struggled to determine if they were breached due to lacking network visibility. It then outlines how security analytics can provide complete network visibility by passively capturing all network traffic and enriching it with threat intelligence to help speed incident detection and response. The document advocates that organizations should retain at least 30 days of network traffic data for investigations. It also describes how security analytics works and the different deployment options available. Real customer examples are then provided where advanced threat assessments uncovered security issues and helped customers strengthen their security posture.

Technology
1 of 27
Download to read offline
What’s Lurking in Your Network? Complete Security Visibility = Peace of Mind Alan Hall, Symantec Andre Engel, Symantec
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 2 Online Gaming Company in Chaos The Need for Network Forensics – Painful Story Had no way to confirm or deny… Concerns about brand and reputational impact… People and big $ thrown at the problem… Informed we may be the victim of a breach “Why can’t you prove if this happened or not”… Urgent, high-priority project spun up…
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 3 Cannot Quickly Detect or Accurately Assess Impact of an Incident The “Average” Enterprise TODAY’S REALITY RESOLUTION INCIDENT IDENTIFIED TIME TO DETECTION 206DAYS* TIME TO RESPONSE 21-35DAYS* *Verizon Data Breach Investigations Report BREACH ** Ponemon: https://www.ponemon.org/ • Damage occurring for nearly 7 months before detection • …and is not resolved for another month after identified Average Breach Cost - $3.8M **
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 4 Complete Answers for Focused Resolution Security Analytics Security Analytics – System of Record Security Analytics doesn’t disrupt the Networking/IT department Records all traffic – 24/7 lossless packet capture (header and payload) – Days/weeks/months Massive Intelligence – Enriches with Symantec and 3rd party threat and reputation data Reconstructs All Evidence – Artifacts, flows, files, and activity in human-readable form At a minimum, organizations should capture 30 days’ of packet data. 60 days’ worth is even better.”
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 5 Security Analytics – How It Works Security Analytics sits passively off the network (SSLV orTAP)1 1 2 Captures all network traffic(packet header/payload)2 Taps GIN andoutside threat intelligence to enrichpacket data3 Unknownfiles sent to Content Analysis/3rd party to Sandbox4 Alerts fromSAorother tools may trigger aninvestigation5 Incident response teamfinds source/scope ofattack,resolves6 3 SA CA sandbox GIN + 3rd Party Reputation 4 6 5 SSLV/TAP SEPM
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 6 Security Analytics Virtual Appliance Total networkvisibility Absolute flexibility Security Analytics Appliances Comprehensive,pre-configured appliances (speed+storage options) Security Analytics Components Manage multiple appliances/VMs Security Analytics Central Manager Scale to any retention requirementwith high-densitystorage options Security Analytics Storage Modules Direct-attached and SAN • Forensics for network and cloud workloads • Full visibility • Dynamic scaling • Additional platforms coming
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 7 Real-time MSS Incident Triage and Validation Symantec Managed Network Forensics MSS Analysis Team Validate,Classify, Prioritize,Escalate Endpoint Firewall Proxy IDS/IPS Data Collection 1 MSS Analytics 2 Incident Handling 3 MSS Analytics Engine Transforms logdata into security events Applies intelligence / business context Intelligence BusinessContext Cloud SymantecManagedNetworkForensics* • MSS SOC TechnologyPlatform identifiesa suspicious event defined bySYMC Intel • MSS Analyst uses customer’sSymantec Security Analytics to perform Tier 1 triage • MSS Analyst updates incident severity accordingly • (Optionally)MSSengages IR team for rapid response Server Symantec Security Analytics *Customer mustalso own Security Analytics MSS SOC Technology Platform Advanced analytics Machine learning
Advanced Threat Assessment Complete Visibility – Uncovering What’s Really on your Network
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 9 Advanced Threat Assessment (ATA) What is it? • Security Analytics records your network data • Results are analyzed to identify attacks, possible threats, and gaps • Think of it as PoC Light…It’s like a Black Box Recorder…and it’s FREE. Why? • Real visibilityinto your network and security posture • Reveals key issues – It’s not a demo, it’s your data! • You can prioritizes your security initiatives ATA = Complete Visibility and Peace of Mind
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 10 Easy Process to Gain Visibility into Your Security Posture Free Advanced Threat Assessment Deploy Drop Security Analytics into your network Record Record Traffic: for a week Push Push Button: Generate Risk and Visibility Report Review Review report and uncover areas to improve security ~ 1-3 Weeksto completedepending onlevelof detail Fortify Address issues and fortify security
Risk & Visibility Report
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 12 Custom assessment report in minutes Risk & Visibility Report
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 13 Push Button – See Results! Risk and Visibility Report Analyzes captured network traffic View what’s on your network Creates reports for: • Malicious files • Alerts • SSL traffic • Risky applications • Anomalies • …more Generates executive summary Close security gaps!
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 14 The Power of an ATA UNKNOWN FILES? Focus onDeeper Inspection, sandbox,Isolation 136.74K unknown/unrated files not scanned for novel threats and zero-daymalware HIGH RISK TRAFFIC? Look into CASB solution 1.11K Malicious URLs detected by WRS HIGH ENCRYPTED TRAFFIC? Decrypt traffic for full visibility MALICIOUS AND UNCATEGORIZED URLS? Look into WebIsolation 86.77 GB High Risk Traffic Potential riskofdata loss or policy compliance issues 50.98%Encrypted Traffic 30.98KPredicted Files Hidden in Encrypted Traffic
Real Examples Andre Engel, Symantec
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 16 Security Analytics in Cyber Security Exercise
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 17 Part of the German blue team in Locked Shields 2019
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 18 Ever played with the best team in the world?
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 19 Adding Value to Any Industry Advanced Threat Assessment
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 20 Customer • 2,400 retail stores / 19 countries / Sales – 2.4B Euros • Customer is looking into Cyber Insurance ATA Findings • Identified breaches, phishing attacks, active botnets compromised systems, unsecure communications, etc. • Symantec a strategic security partner! • Solution: • Incident Response Service • SymantecEndpoint Protection • SymantecEmail.cloud Lower cost of customer’s cyber insurance “The ATA helped us know our true security posture.” ATA Changes the Game Advanced Threat Assessment Helps Secure Retail Giant ATA: European Retail Giant ATA Details • Deployed SA and captured traffic for three weeks • Reviewed Risk & Visibility report / Presented findings ATA Lead to Incident Response Team Engagement • Symantec IR Team engaged to verify criminal misusage and possible lateral movement
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 21 Assessment key findings 51.28Munknown/unrated files not scanned for novel threats and zero-daymalware 18.34KMalicious URLs detected by WRS 3.75 TBHigh Risk Traffic Potential riskofdata loss or policy compliance issues 32.75%Encrypted Traffic 183.95KPredicted Files Hidden in Encrypted Traffic
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 22 Customer • International Science and Technology Graduate School • Over half faculty and staff recruited outside of country • Concerned with outside and internal threats • Use SIEM, but limited staff for many alerts – crossing fingers ATA Findings • Suspicious behavior, P2P communications, Risky sites, 50% encrypted traffic • Not aware of security issues without the ATA – Serious attention • Changed their focus and narrowed their attention to high-priority issues • Solution: • Network Forensics- “look back” • SSLdecryption for visibility • Malware and sandbox inspection • Cloud Security Services • Threat Intelligence / Reputation Services • Email security with training • Email and Web Isolation • Confidence in strengthened security ATA Changes the Game Assessment Strengthens University’sSecurity ATA: APAC Higher Education ATA Details (Driven by APAC Team) • CISO wanted to see actual threats through ATA • Recorded for one month/Shared Risk & Visibility Report
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 2323 Compliance violation and shadow IT 228.46 GB High Risk Traffic Potential risk of data loss or policy compliance issues Encrypted traffic 49.05% Encrypted Traffic 5.22K Predicted Files Hidden in Encrypted Traffic Unknown/Unrated files 3.06M unknown/unrated files not scanned for novel threats and zero-day malware Web access to malnet 3.74K Malicious URLs 1.28M Malicious Files Found Assessment key findings
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 24 Differentiated Solution Symantec Security Analytics 1 2 3 Incident Response Focus Full packet capture for IR, not network ops Metadata Data enrichment for swift access and root cause discovery Integrations Adding critical context to security tools
Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 25 Next Steps • Check out Security Analytics • Sample Risk & Visibility Report • Register for an ATA go.symantec.com/ata
QA
Thank You

Recommended

Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018African Cyber Security Summit
 
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationPRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationSymantec
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadarVirginia Fernandez
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and OrchestrationGreg Foss
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectioninfoLock Technologies
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protectionxband
 

Recommended

Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018African Cyber Security Summit
 
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationPRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationSymantec
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadarVirginia Fernandez
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and OrchestrationGreg Foss
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectioninfoLock Technologies
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protectionxband
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
Top 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionTop 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionIBM Security
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersIBM Security
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain OpenDNS
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsIBM Security
 
Upgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricUpgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricRahul Neel Mani
 
Managed Security Services from Symantec
Managed Security Services from SymantecManaged Security Services from Symantec
Managed Security Services from SymantecArrow ECS UK
 
Web Application Attack Report (Edition #1 - July 2011)
Web Application Attack Report (Edition #1 - July 2011)Web Application Attack Report (Edition #1 - July 2011)
Web Application Attack Report (Edition #1 - July 2011)Imperva
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016IBM Security
 
IBM Security QFlow & Vflow
IBM Security QFlow & VflowIBM Security QFlow & Vflow
IBM Security QFlow & VflowCamilo Fandiño Gómez
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityMarketingArrowECS_CZ
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityMarketingArrowECS_CZ
 
7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the ThreatIBM Security
 
Stop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksStop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksImperva
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on VehiclesPriyanka Aash
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacksPowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacksSymantec Security Response
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENVladyslav Radetsky
 

More Related Content

What's hot

Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
Top 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionTop 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionIBM Security
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersIBM Security
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain OpenDNS
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsIBM Security
 
Upgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricUpgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricRahul Neel Mani
 
Managed Security Services from Symantec
Managed Security Services from SymantecManaged Security Services from Symantec
Managed Security Services from SymantecArrow ECS UK
 
Web Application Attack Report (Edition #1 - July 2011)
Web Application Attack Report (Edition #1 - July 2011)Web Application Attack Report (Edition #1 - July 2011)
Web Application Attack Report (Edition #1 - July 2011)Imperva
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016IBM Security
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityMarketingArrowECS_CZ
 
7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the ThreatIBM Security
 
Stop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksStop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksImperva
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on VehiclesPriyanka Aash
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
 
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacksPowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacksSymantec Security Response
 

What's hot (20)

Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
Top 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionTop 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS Solution
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
 
Upgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security FabricUpgrading Your Firewall? Its Time for an Inline Security Fabric
Upgrading Your Firewall? Its Time for an Inline Security Fabric
 
Managed Security Services from Symantec
Managed Security Services from SymantecManaged Security Services from Symantec
Managed Security Services from Symantec
 
Web Application Attack Report (Edition #1 - July 2011)
Web Application Attack Report (Edition #1 - July 2011)Web Application Attack Report (Edition #1 - July 2011)
Web Application Attack Report (Edition #1 - July 2011)
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
IBM Security QFlow & Vflow
IBM Security QFlow & VflowIBM Security QFlow & Vflow
IBM Security QFlow & Vflow
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
 
7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat
 
Stop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksStop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their Tracks
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on Vehicles
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacksPowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacks
 

Similar to Symantec Webinar: What Cyber Threats Are Lurking in Your Network?

Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - SymantecHarry Gunns
 
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...TI Safe
 
Segurdad de red para la generacion de la nube symantec
Segurdad de red para la generacion de la nube symantecSegurdad de red para la generacion de la nube symantec
Segurdad de red para la generacion de la nube symantecCSA Argentina
 
Big Data For Threat Detection & Response
Big Data For Threat Detection & ResponseBig Data For Threat Detection & Response
Big Data For Threat Detection & ResponseHarry McLaren
 
Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsIBM Security
 
Key Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformKey Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformJohn Pollack
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DaySymantec
 
Symantec Portfolio - Sales Play
Symantec Portfolio - Sales PlaySymantec Portfolio - Sales Play
Symantec Portfolio - Sales PlayIftikhar Ali Iqbal
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksAngeloluca Barba
 
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...Criminal IP
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYETDAofficialRegist
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Cristian Garcia G.
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceQualys
 
From SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardFrom SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardEMC
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud GenerationForcepoint LLC
 
NormShield 2018 Cyber Security Risk Brief
NormShield 2018 Cyber Security Risk BriefNormShield 2018 Cyber Security Risk Brief
NormShield 2018 Cyber Security Risk BriefNormShield
 

Similar to Symantec Webinar: What Cyber Threats Are Lurking in Your Network? (20)

Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
 
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
 
Segurdad de red para la generacion de la nube symantec
Segurdad de red para la generacion de la nube symantecSegurdad de red para la generacion de la nube symantec
Segurdad de red para la generacion de la nube symantec
 
Big Data For Threat Detection & Response
Big Data For Threat Detection & ResponseBig Data For Threat Detection & Response
Big Data For Threat Detection & Response
 
Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Key Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformKey Elements of a Security Delivery Platform
Key Elements of a Security Delivery Platform
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
 
Symantec Portfolio - Sales Play
Symantec Portfolio - Sales PlaySymantec Portfolio - Sales Play
Symantec Portfolio - Sales Play
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITY
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and Compliance
 
From SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardFrom SIEM to SA: The Path Forward
From SIEM to SA: The Path Forward
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
NormShield 2018 Cyber Security Risk Brief
NormShield 2018 Cyber Security Risk BriefNormShield 2018 Cyber Security Risk Brief
NormShield 2018 Cyber Security Risk Brief
 

More from Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantSymantec
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec
 

More from Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators Want
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 Webinar
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
 

Recently uploaded

Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....rightmanforbloodline
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringWSO2
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 

Recently uploaded (20)

Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 

Symantec Webinar: What Cyber Threats Are Lurking in Your Network?

  • 1. What’s Lurking in Your Network? Complete Security Visibility = Peace of Mind Alan Hall, Symantec Andre Engel, Symantec
  • 2. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 2 Online Gaming Company in Chaos The Need for Network Forensics – Painful Story Had no way to confirm or deny… Concerns about brand and reputational impact… People and big $ thrown at the problem… Informed we may be the victim of a breach “Why can’t you prove if this happened or not”… Urgent, high-priority project spun up…
  • 3. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 3 Cannot Quickly Detect or Accurately Assess Impact of an Incident The “Average” Enterprise TODAY’S REALITY RESOLUTION INCIDENT IDENTIFIED TIME TO DETECTION 206DAYS* TIME TO RESPONSE 21-35DAYS* *Verizon Data Breach Investigations Report BREACH ** Ponemon: https://www.ponemon.org/ • Damage occurring for nearly 7 months before detection • …and is not resolved for another month after identified Average Breach Cost - $3.8M **
  • 4. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 4 Complete Answers for Focused Resolution Security Analytics Security Analytics – System of Record Security Analytics doesn’t disrupt the Networking/IT department Records all traffic – 24/7 lossless packet capture (header and payload) – Days/weeks/months Massive Intelligence – Enriches with Symantec and 3rd party threat and reputation data Reconstructs All Evidence – Artifacts, flows, files, and activity in human-readable form At a minimum, organizations should capture 30 days’ of packet data. 60 days’ worth is even better.”
  • 5. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 5 Security Analytics – How It Works Security Analytics sits passively off the network (SSLV orTAP)1 1 2 Captures all network traffic(packet header/payload)2 Taps GIN andoutside threat intelligence to enrichpacket data3 Unknownfiles sent to Content Analysis/3rd party to Sandbox4 Alerts fromSAorother tools may trigger aninvestigation5 Incident response teamfinds source/scope ofattack,resolves6 3 SA CA sandbox GIN + 3rd Party Reputation 4 6 5 SSLV/TAP SEPM
  • 6. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 6 Security Analytics Virtual Appliance Total networkvisibility Absolute flexibility Security Analytics Appliances Comprehensive,pre-configured appliances (speed+storage options) Security Analytics Components Manage multiple appliances/VMs Security Analytics Central Manager Scale to any retention requirementwith high-densitystorage options Security Analytics Storage Modules Direct-attached and SAN • Forensics for network and cloud workloads • Full visibility • Dynamic scaling • Additional platforms coming
  • 7. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 7 Real-time MSS Incident Triage and Validation Symantec Managed Network Forensics MSS Analysis Team Validate,Classify, Prioritize,Escalate Endpoint Firewall Proxy IDS/IPS Data Collection 1 MSS Analytics 2 Incident Handling 3 MSS Analytics Engine Transforms logdata into security events Applies intelligence / business context Intelligence BusinessContext Cloud SymantecManagedNetworkForensics* • MSS SOC TechnologyPlatform identifiesa suspicious event defined bySYMC Intel • MSS Analyst uses customer’sSymantec Security Analytics to perform Tier 1 triage • MSS Analyst updates incident severity accordingly • (Optionally)MSSengages IR team for rapid response Server Symantec Security Analytics *Customer mustalso own Security Analytics MSS SOC Technology Platform Advanced analytics Machine learning
  • 8. Advanced Threat Assessment Complete Visibility – Uncovering What’s Really on your Network
  • 9. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 9 Advanced Threat Assessment (ATA) What is it? • Security Analytics records your network data • Results are analyzed to identify attacks, possible threats, and gaps • Think of it as PoC Light…It’s like a Black Box Recorder…and it’s FREE. Why? • Real visibilityinto your network and security posture • Reveals key issues – It’s not a demo, it’s your data! • You can prioritizes your security initiatives ATA = Complete Visibility and Peace of Mind
  • 10. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 10 Easy Process to Gain Visibility into Your Security Posture Free Advanced Threat Assessment Deploy Drop Security Analytics into your network Record Record Traffic: for a week Push Push Button: Generate Risk and Visibility Report Review Review report and uncover areas to improve security ~ 1-3 Weeksto completedepending onlevelof detail Fortify Address issues and fortify security
  • 12. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 12 Custom assessment report in minutes Risk & Visibility Report
  • 13. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 13 Push Button – See Results! Risk and Visibility Report Analyzes captured network traffic View what’s on your network Creates reports for: • Malicious files • Alerts • SSL traffic • Risky applications • Anomalies • …more Generates executive summary Close security gaps!
  • 14. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 14 The Power of an ATA UNKNOWN FILES? Focus onDeeper Inspection, sandbox,Isolation 136.74K unknown/unrated files not scanned for novel threats and zero-daymalware HIGH RISK TRAFFIC? Look into CASB solution 1.11K Malicious URLs detected by WRS HIGH ENCRYPTED TRAFFIC? Decrypt traffic for full visibility MALICIOUS AND UNCATEGORIZED URLS? Look into WebIsolation 86.77 GB High Risk Traffic Potential riskofdata loss or policy compliance issues 50.98%Encrypted Traffic 30.98KPredicted Files Hidden in Encrypted Traffic
  • 16. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 16 Security Analytics in Cyber Security Exercise
  • 17. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 17 Part of the German blue team in Locked Shields 2019
  • 18. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 18 Ever played with the best team in the world?
  • 19. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 19 Adding Value to Any Industry Advanced Threat Assessment
  • 20. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 20 Customer • 2,400 retail stores / 19 countries / Sales – 2.4B Euros • Customer is looking into Cyber Insurance ATA Findings • Identified breaches, phishing attacks, active botnets compromised systems, unsecure communications, etc. • Symantec a strategic security partner! • Solution: • Incident Response Service • SymantecEndpoint Protection • SymantecEmail.cloud Lower cost of customer’s cyber insurance “The ATA helped us know our true security posture.” ATA Changes the Game Advanced Threat Assessment Helps Secure Retail Giant ATA: European Retail Giant ATA Details • Deployed SA and captured traffic for three weeks • Reviewed Risk & Visibility report / Presented findings ATA Lead to Incident Response Team Engagement • Symantec IR Team engaged to verify criminal misusage and possible lateral movement
  • 21. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 21 Assessment key findings 51.28Munknown/unrated files not scanned for novel threats and zero-daymalware 18.34KMalicious URLs detected by WRS 3.75 TBHigh Risk Traffic Potential riskofdata loss or policy compliance issues 32.75%Encrypted Traffic 183.95KPredicted Files Hidden in Encrypted Traffic
  • 22. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 22 Customer • International Science and Technology Graduate School • Over half faculty and staff recruited outside of country • Concerned with outside and internal threats • Use SIEM, but limited staff for many alerts – crossing fingers ATA Findings • Suspicious behavior, P2P communications, Risky sites, 50% encrypted traffic • Not aware of security issues without the ATA – Serious attention • Changed their focus and narrowed their attention to high-priority issues • Solution: • Network Forensics- “look back” • SSLdecryption for visibility • Malware and sandbox inspection • Cloud Security Services • Threat Intelligence / Reputation Services • Email security with training • Email and Web Isolation • Confidence in strengthened security ATA Changes the Game Assessment Strengthens University’sSecurity ATA: APAC Higher Education ATA Details (Driven by APAC Team) • CISO wanted to see actual threats through ATA • Recorded for one month/Shared Risk & Visibility Report
  • 23. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 2323 Compliance violation and shadow IT 228.46 GB High Risk Traffic Potential risk of data loss or policy compliance issues Encrypted traffic 49.05% Encrypted Traffic 5.22K Predicted Files Hidden in Encrypted Traffic Unknown/Unrated files 3.06M unknown/unrated files not scanned for novel threats and zero-day malware Web access to malnet 3.74K Malicious URLs 1.28M Malicious Files Found Assessment key findings
  • 24. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 24 Differentiated Solution Symantec Security Analytics 1 2 3 Incident Response Focus Full packet capture for IR, not network ops Metadata Data enrichment for swift access and root cause discovery Integrations Adding critical context to security tools
  • 25. Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY– Limited Use Only 25 Next Steps • Check out Security Analytics • Sample Risk & Visibility Report • Register for an ATA go.symantec.com/ata
  • 26. QA