Learn how you can adopt to use the best Security Mechanisms which leverages unmatched combination of behavioral analysis, machine learning & dynamic threat intelligence to deliver comprehensive rich visibility, holistic threat detection & containment of threats in real-time.

1. Lalit Shinde, Head of Strategic Partnerships, Seceon
FEEL SECURE with
revolutionary OTM
Solution –
Panel Discussion
Webinar
16th Nov, 2017
1

2. • Sophistication of attacks
• Quick proliferation of attacks
• Continually evolving technologies
Changing Landscape of Cyber
Security Attacks
“There are two kinds of organizations:
Those who’ve been hacked and know it, and
those who’ve been hacked and don’t know
it” – Chad Fulgham, former CIO of FBI
2

3. • Firewalls, End-Point Solutions, Spam
Lists and Filters, SIEM
• Silo point solutions for each new
type of attack
• Reactive solutions to Data Breaches
• Threat data overload – Copious
amount of false positives
• No real time solution – human
factor
Legacy Security Solutions
3

4. • Proactive approach to identifying
both known and unknown threats
• Comprehensive visibility into all
kinds of traffic
• Intelligence and data science driven
protection
• Holistic solution to protect the
enterprise’s entire ecosystem
• Automated remediation
Innovative Security Approach
4

5. Michael E. Crean, CEO, Solutions Granted
Role of Machine
Learning and AI in Cyber
Security
5
Webinar
16th Nov, 2017

6. • What is wrong? But knowing just
that is not enough.
• Why is it wrong?
• How to fix it?
• Anomalous behavior differs from
industry to industry requiring use of
unsupervised algorithms
• Context matters – Correlation to all
factual data is important to reduce
false positives
Why Artificial Intelligence and
Machine Learning?
6

7. • Accuracy and confidence of threat
detection
• Specificity and correlation of threat
vectors with factual data
• Ability to work with variety of data
sources – network traffic, host and
application logs, DNS logs, DHCP logs,
Identity management (AD) logs etc.
• Ability to integrate with and push
policies to all types of network devices
to stop the threat
Producing Actionable Intelligence
7

8. Grigoriy Mills, CTO, RFA
Cyber Security – Case
for Automation for
MSSPs
8
Webinar
16th Nov, 2017

9. Challenges: Operational Cost of Investigations
Flows/Logs Troubleshooting Activity Type
Flow/Log
Instances
Comments
NG FW generates events/logs around an
instance of an infected device attempting to
connect to a bad web site.
North-South
Activity
444
NG FW is resetting connections from the
device over time and is not correlating
these "non critical flagged" instances
Device is also performing IP Sweeps
East- West
Activity
135
Few separate instances across the internal
network
Device is also performing IP Port scans
East- West
Activity
92
Few separate instances across the internal
network
Device needs to be identified Internal Activity 1
What device is it? who or what group it
belongs to?
Total Activity 672 Total instances to investigate
Consider an example where a device is infected with a Malware
9

10. Challenges: Operational Cost of Investigations
Jr. SOC
Analyst
Sr. SOC
Analyst
Costs
$75,000 $250,000.00
SOC Analyst Burdened rate
per year
$1,442.31 $4,807.69 cost per week
$36.06 $120.19 cost/hour
$0.60 $2.00 cost/minute
Minutes per instance investigation 1.5
Total minutes of effort per incident 1006.5
$ cost/minute $0.60
Total Cost to correlate one incident $603.90
Typical Incidents per business day
investigated at a Mid Sized F5000 (As
per Ponemon/Verizon Reports) 3
Total Cost per business day $1,811.70
Total Cost per year $452,925.00
Automation can completely eliminate this total cost
10

11. Challenges: Cost of MTTI and MTTC
MTTI – Mean Time To Identify
MTTC – Mean Time To Contain
US $M
US $M
US $M
Source: Ponemon 2016 Cost of Data Breach Study Report
11

12. • Timely response to every attack is necessary to
stave off bigger cost of data breach – Automated
real-time detection and response
• Reduce the operational cost – SOC team
designing and operationalizing security practice
rather than investigating every false positive
• Affordable for any size organization – SMBs are as
prone to attack as large enterprises and your
cyber hygiene affects everyone you are dealing
with
Cyber Security – Case for Automation
12

13. Ron Culler, CTO, Secure Design Inc.
Seceon Open Threat
Management Solution
13
Webinar
16th Nov, 2017

14. • Focus: Providing a solution effective at detecting and stopping the most dangerous and costly
Cyber threats as soon as they happen, while dramatically lowering IT costs
14
++
See Everything Detect Threats That Matter Stop the Threat
Seceon OTM
Seceon’s Disruptive Approach!
Seceon, Inc. Confidential – NDA Required

15. 15
CCE – Control and Collection Engine
Collects inputs from variety of sources
Extracts key meta data and sends refined input to
APE
APE – Analytics and Policy Engine
Threat Models based on User Behavioral Analytics
and Machine Learning
Fast Big Data Engine
Seceon OTM GUI
User Friendly and Intuitive
Adaptive Visualization of assets & threats
Executive Dashboard & detailed reports
APE
Dynamic Threat Models
Fast Big Data Engine
ML - User Behavioral
Analytics
AI with Recommended
Remediation
CCE – n
Feature
Extraction
Down Sampling
CCE
Feature
Extraction
Down Sampling
CCE – 1
Feature
Extraction
Down Sampling
Seceon Open Threat Management (OTM)
Seceon OTM uses Micro-Services Architecture and can be deployed in Cloud, VM and Customer Owned or
Seceon Supplied Appliances
15

16. Seceon OTM Platform Overview
16
Adaptive Visualization
• Comprehensive view of all assets and threats
• Fully automated solution that is easiest to deploy
• Allows drill down of threats with all details
Detect Threats that Matter
• Detects known as well as unknown threats
• Provides comprehensive information of the threats
• Indicates all compromised assets and potential targets
Contain Threats in Real Time
• Immediate corrective action in real time
• Automatic notification through email/text if required
• Provides actionable analytics
16

17. Built-in Security
Threat Modeling
Parse
Dynamic
Reduction
Behavior Analysis
Threat Correlation
Threat Intelligence
UniversalCollectionBus
Unstructured
Data
Unstructured
Data
Store
Storage Engine
Search
Rapid Search
Agent
Analytics
Analytics Engine
Big Data Store &
Search
Real-time Threat
Detection
Real-time
Analytics
Predictive
Modeling
Outputs
Built-in Advanced
Correlation
Built-in ML
Engine
Built-in Data
Model Engine
Input to output transit - measured in seconds
Platform Security Engine
Structured
Data
Parse
Dynamic
Reduction
Parse
Dynamic
Reduction
Seceon’s Scalable – Fast Analytics Processing Platform
Distributed Data Ingest (CCE)
Fast Parallel Processing Architecture (APE)
Closed Loop Threat Containment
Threat
Containment
17

18. Sunil K. Kotagiri, Co-Founder, Seceon
Compliance and Risk
management using
Seceon OTM Solution
18
Webinar
16th Nov, 2017

19. • Identity
• Network, Host & User inventory and
access monitoring & reports
• Protection
• Threat detection & Containment
• Detection
• 30 different threat models
• Respond
• Automatic remediation
• Recover
• Quarantine users & hosts
OTM covers NIST Framework
19

20. • Detect & contain unauthorized
access (Real-time)
• Whitelists (Users & Hosts)
• File copy and transfer
• Reports
• Daily & Weekly reports
• Forensics
• Store & Analyze data for years
OTM covers GDPR Framework
20
Data Privacy
Accountability
Responsibility
EvidenceOwnership

21. • Tracks User account mgmt
• Windows AD & Reports
• Data access rules
• Whitelists & Policy violations
• Integrity Monitoring
• Policy violations, permission changes
• Audit Trail
• Reports – DMCA, asset groups, whitelists
OTM covers HIPAA Framework
21
HIPAA
Access
Control
Account
Mgmt
Credential
Mgmt
Priv. Users
Mgmt
Integrity
Monitoring
Config
Mgmt
Data
Governance
Audit Trail

22. Q & A
22