© 2018 Interset Software
Supercharging Security with Behavioral Analytics
September 19, 2018
Today’s Panel
STEPHAN JOU
Chief Technology Officer
PAUL REID
Security Strategist
Special Guest
JOSEPH BLANKENSHIP
Principal Analyst
Why Does Security Need Analytics?
© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Biggest Security Challenges
Base: 1,502 security decision-makers
Source: Forrester Data Global Business Technographics Security Survey, 2018
"Which of the following are the biggest IT security challenges for your firm?"
Challenges shown on the chart:
• Lack of empowerment to make security decisions
• Lack of visibility and influence within the organization
• Other priorities in the organization taking precedence over…
• Inability to measure the effectiveness of our security program
• Unavailability of security employees with the right skills
• Building a culture of data stewardship
• Lack of staff (the security team is understaffed)
• Lack of budget
• Day-to-day tactical activities taking up too much time
• Compliance with new privacy laws
• Changing/evolving nature of IT threats (internal and external)
• Complexity of our IT environment
Response percentages shown on the chart, listed in the order extracted: 19%, 21%, 21%, 21%, 22%, 23%, 24%, 25%, 26%, 28%, 29%, 34%.
56% of Firms Were Breached in the Last 12 Months
Base: 1,147 network path security decision-makers who have experienced a breach in the past 12 months
Source: Forrester's Business Technographics Global Security Survey, 2018
Causes of confirmed breaches in the past 12 months:
• External attack: 41% (in these cases 35% were due to software exploits, 36% were due to web application attack, and 22% due to stolen credentials)
• Internal attack: 23% (in these cases 55% were due to malicious intent, 38% were due to inadvertent misuse, and 7% were a combination of both)
• Third-party incident: 21%
• Lost/stolen asset: 15%
Top 5 Data Types Breached
Base: 546 network path security decision-makers who have experienced a breach in the past 12 months
Source: Forrester Data Global Business Technographics Security Survey, 2018
"What types of data were potentially compromised or breached in the past 12 months?" (Multiple responses accepted)
Data types shown on the chart:
• Authentication credentials (user IDs and passwords, other forms of credentials)
• Account numbers
• Payment/credit card data
• Intellectual property
• Personally identifiable information (name, address, phone, Social Security number)
Percentages shown on the chart, listed in the order extracted: 27%, 27%, 28%, 29%, 33%.
Too Many Alerts / Too Few Analysts
Source: Forrester’s Security Operations Center (SOC) Staffing
We Need a New Set of Tools
› Rules-based SIM hasn't proven effective
• Too many alerts, too many false positives
• Difficult to maintain
• Only finds known threats
› Effective security analytics tools:
• Use data science to detect anomalous behavior
• Utilize internal and external threat intelligence
• Examine historical data
• Detect data exfiltration
• Provide increased security context for responders
• Enable investigations and response
The Security Analytics Ecosystem
Source: Forrester's Vendor Landscape: Security Analytics (SA)
Evolution of Security Analytics
(Chart axis: sophistication, volume, velocity and complexity increase from left to right across the three eras.)
Perimeter Defense, 1995 – 2000 (SEM)
• Focus on network security
• Event filtering and basic correlation
• Log management and retention
• Events per second: <5,000
• Storage: gigabytes
• Manual breach response
• High false positive rate, limited scalability
Compliance, 2005 – 2014 (SIM)
• Reporting
• Information sources: various log formats (still log focused)
• Advanced correlation
• Signature-based alerting
• Increasing devices: >1,000
• Events per second: >10,000
• Storage: terabytes
• Focus on threat detection and response; breach response still slow, highly dependent on security analyst skills
Enterprise Security Intelligence, 2014+ (Security Analytics)
• Log management
• Feeds from applications, databases, endpoints
• Threat detection
• More robust IAM integration
• Advanced analytics with additional security context
• User and network behavior
• Feeds from additional sources: multiple log sources, NetFlow, reputation data, threat intelligence feeds
• Huge number of devices: >5,000
• Events per second: >100,000
• Storage: petabytes – Big Data infrastructure
• Near real-time breach response, same day remediation
Defining Security Analytics
A platform built on big data infrastructure to converge logging, correlating, and reporting feeds from security information management (SIM), security solutions, network flow data, external threat intelligence, and diverse endpoints and applications. The SA platform uses this information and machine learning techniques to provide real-time monitoring and facilitate the rapid incident detection, analysis, and response.
Source: Forrester’s Counteract Cyberattacks With Security Analytics
Security User Behavior Analytics (SUBA)
› Detects anomalous user and device behavior
• Ingests endpoint, network, and host log data
• Uses machine learning techniques to detect suspicious behavior
• Alerts on abnormal activity
• Deploys as a SIM supplement in many cases
SUBA is often the first technology organizations think of when starting an insider threat team.
Defining SUBA
Functionality that enables security and risk teams to build a unified view of users' actions across the network. SUBA collects and correlates detailed information about user activity from a variety of logs and other data sources to heuristically and automatically set a user activity baseline from which it can detect, risk score, prioritize, intercept, and enable the investigation of anomalous behavior in real time.
Source: Forrester's Market Overview: Security User Behavior Analytics (SUBA), 2016 report
Interset Augments Your Security Ecosystem
Interset's behavioral analytics allows for detection of anomalies, complementing the pattern matching of rules and thresholds for policy enforcement and the machine learning of malware detection.
How Does Interset Do This?
Machine Learning is Everywhere…
(Slide graphic: vendor speech bubbles reading "I'm smart!", "Super machine learning!", "The best Bayesian!", "Buy me!", "I do it all!")
Two Categories of Machine Learning Algorithms
Supervised
• Classification: Support Vector Machines, Discriminant Analysis, Naive Bayes, Nearest Neighbor
• Regression: Linear Regression | GLM, SVR | GPR, Ensemble Methods, Decision Trees, Neural Networks
Unsupervised
• Clustering: K-means | Fuzzy C-means, Hidden Markov Model, Neural Networks, Hierarchical, Gaussian Mixture
Cybersecurity: Supervised Machine Learning Approach
Ideal for finding malware
▪ Decades of data to study
▪ Always looks the same no matter where it manifests
"Tell me what I'm looking for…"
Cybersecurity: Unsupervised Machine Learning Approach
When searching for insider threats, how do you determine what is productive or malicious activity within your enterprise?
The activities related to insider threats are masked by behavior that, when removed from context, presents as benign. This means we cannot simply match a pattern or look for a signature—we have to take a different approach that separates abnormal from normal.
▪ Working at midnight?
▪ Attaching 500MB to an email?
▪ Looking at corporate strategy data?
▪ Checking out software code from Project X?
▪ A machine communicating on port 465?
▪ Machine A & B connecting via HTTP?
▪ Printer "P015" printing 50 pages at noon?
▪ cmd.exe launched on a workstation?
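The per-user activity baseline that the SUBA definition describes, and that turns questions like "working at midnight?" or "attaching 500MB?" into answerable ones, as an added Python example. This is not Interset's product logic or Forrester's material: the users, events and attachment sizes are constructed, and the scoring (a Laplace-smoothed hour-of-day probability plus a log-scale z-score on attachment size, summed into a per-entity risk score) is an illustrative choice, not a description of any vendor's algorithm.

```python
# Added illustration (hypothetical code, not Interset's or Forrester's): learn one
# behavioral baseline per user from unlabeled history, then score new events by how
# surprising they are for THAT user, and rank entities by accumulated risk.
from collections import Counter, defaultdict
from dataclasses import dataclass, field
from datetime import datetime
import math
import statistics

HOUR_BUCKETS = 24  # one bucket per hour of day for the time-of-activity model


@dataclass
class Event:
    user: str
    ts: datetime
    action: str           # "login" or "email"
    size_mb: float = 0.0  # attachment size, only meaningful for "email"


@dataclass
class Baseline:
    hours: Counter = field(default_factory=Counter)  # activity count per hour of day
    sizes: list = field(default_factory=list)        # attachment sizes (MB) seen in history


def build_baselines(history):
    """Learn one baseline per user from historical events (unsupervised: no labels)."""
    baselines = defaultdict(Baseline)
    for e in history:
        b = baselines[e.user]
        b.hours[e.ts.hour] += 1
        if e.action == "email":
            b.sizes.append(e.size_mb)
    return baselines


def hour_surprise(b, hour):
    """-log of the Laplace-smoothed probability that this user is active at this hour.
    An hour never seen for the user is improbable, not impossible: hence the +1 pseudo-count."""
    total = sum(b.hours.values())
    p = (b.hours[hour] + 1) / (total + HOUR_BUCKETS)
    return -math.log(p)


def size_surprise(b, size_mb):
    """Z-score of log(1+size) against the user's own attachment history, clipped at 0
    (smaller-than-usual attachments are not suspicious). Log scale tames the heavy tail."""
    if len(b.sizes) < 2:
        return 0.0  # not enough history to judge
    logs = [math.log1p(s) for s in b.sizes]
    mu, sd = statistics.mean(logs), statistics.pstdev(logs)
    sd = max(sd, 0.1)  # floor so a perfectly regular user does not divide by zero
    return max(0.0, (math.log1p(size_mb) - mu) / sd)


def score_event(b, e):
    """Total surprise of one event relative to the user's baseline (nats + z-units)."""
    s = hour_surprise(b, e.ts.hour)
    if e.action == "email":
        s += size_surprise(b, e.size_mb)
    return s


def rank_entities(baselines, window):
    """Sum event surprises per user over the scoring window; highest risk first."""
    risk = defaultdict(float)
    for e in window:
        risk[e.user] += score_event(baselines[e.user], e)
    return sorted(risk.items(), key=lambda kv: kv[1], reverse=True)


def constructed_history():
    """Constructed sample data: alice works days, bob works nights, for ten days each."""
    events = []
    for day in range(1, 11):
        for hour in (9, 11, 14, 16):
            events.append(Event("alice", datetime(2018, 9, day, hour), "login"))
            events.append(Event("bob", datetime(2018, 9, day, (hour + 15) % 24), "login"))
        size = [1.0, 2.0, 4.0][day % 3]  # small, slightly varying attachments
        events.append(Event("alice", datetime(2018, 9, day, 10), "email", size))
        events.append(Event("bob", datetime(2018, 9, day, 23), "email", size))
    return events


def constructed_window():
    """Constructed events to score: a midnight email from each user, different sizes."""
    return [
        Event("alice", datetime(2018, 9, 12, 0, 30), "email", 500.0),  # abnormal for alice
        Event("alice", datetime(2018, 9, 12, 9, 5), "login"),          # normal for alice
        Event("bob", datetime(2018, 9, 12, 0, 30), "email", 3.0),      # normal for bob
    ]


if __name__ == "__main__":
    baselines = build_baselines(constructed_history())
    for user, risk in rank_entities(baselines, constructed_window()):
        print(f"{user}: risk {risk:.2f}")
```

The same midnight email is scored very differently for the two users: bob is a night-shift worker whose baseline already contains hour 0 and 3 MB attachments, so his event barely registers, while alice's event is surprising on both time and size and pushes her to the top of the ranking. That contextual judgement is what a static rule ("alert on any email over 100 MB" or "alert on any login after 22:00") cannot make.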
What are the "MOST WANTED" Insider Threats?
• Compromised Account
• Infected Host
• Account Misuse
• Data Staging
• Low & Slow Attacks
• Unauthorized Print Job
• Fileless Malware
• Zero-day Attack
Not all insider threats are internal employees or disgruntled personnel.
How Does Security Analytics Impact the SOC?
SA Enables SOC Processes
› Monitoring and alerting
› Event correlation
› Alert triage
› Incident response
› Threat hunting
How Does Interset Change SOC Operations and Threat Hunting?
Interset Security Analytics Dashboard: Top Risky Entities
Interset Security Analytics Dashboard: Anomalous Behavior
Considerations for Selecting an SA Solution
› Monitoring requirements
› Data sources
› Out of the box content
› Scalability
› Threat intelligence sources
› Size of security staff
› Security team maturity
› Compliance needs
Wrap-Up
› Security teams lack the speed and agility to stop breaches
• Inadequate tools and slow, manual processes impede progress
› Rules-based SIM alone not able to detect anomalous behavior
• Combination of capabilities enabling better threat detection and response
› We have to make better, faster security decisions
• Security analytics tools help make that happen
• Analysts require analytics to speed detection and enable threat hunting
Questions?
Want to learn more? Contact us!
STEPHAN JOU
CTO, Interset
sjou@interset.com
@eeksock
PAUL REID
Security Strategist, Interset
preid@interset.com
JOSEPH BLANKENSHIP
Principal Analyst, Forrester
jblankenship@forrester.com
@infosec_jb
Thank You!
Learn more at Interset.AI
Lead On: When More Data Becomes Less Work
 
The Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning CybersecurityThe Myths + Realities of Machine-Learning Cybersecurity
The Myths + Realities of Machine-Learning Cybersecurity
 

Recently uploaded

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 

Recently uploaded (20)

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 

[Webinar] Supercharging Security with Behavioral Analytics

Slide transcript

1. Supercharging Security with Behavioral Analytics (September 19, 2018)

2. Today's Panel
• Stephan Jou, Chief Technology Officer
• Paul Reid, Security Strategist
• Special guest: Joseph Blankenship, Principal Analyst

3. Why Does Security Need Analytics?

4. Biggest Security Challenges
"Which of the following are the biggest IT security challenges for your firm?"
• Complexity of our IT environment: 34%
• Changing/evolving nature of IT threats (internal and external): 29%
• Compliance with new privacy laws: 28%
• Day-to-day tactical activities taking up too much time: 26%
• Lack of budget: 25%
• Lack of staff (the security team is understaffed): 24%
• Building a culture of data stewardship: 23%
• Unavailability of security employees with the right skills: 22%
• Inability to measure the effectiveness of our security program: 21%
• Other priorities in the organization taking precedence over…: 21%
• Lack of visibility and influence within the organization: 21%
• Lack of empowerment to make security decisions: 19%
Base: 1,502 Security decision-makers. Source: Forrester Data Global Business Technographics Security Survey, 2018

5. 56% of Firms Were Breached in the Last 12 Months
Causes of confirmed breaches in the past 12 months:
• External attack: 41% (of these, 35% were due to software exploits, 36% to web application attacks, and 22% to stolen credentials)
• Internal attack: 23% (of these, 55% were due to malicious intent, 38% to inadvertent misuse, and 7% to a combination of both)
• Third-party incident: 21%
• Lost/stolen asset: 15%
Base: 1,147 Network Path Security decision-makers who have experienced a breach in the past 12 months. Source: Forrester's Business Technographics Global Security Survey, 2018

6. Top 5 Data Types Breached
"What types of data were potentially compromised or breached in the past 12 months?" (Multiple responses accepted)
• Personally identifiable information (name, address, phone, Social Security number): 33%
• Intellectual property: 29%
• Payment/credit card data: 28%
• Account numbers: 27%
• Authentication credentials (user IDs and passwords, other forms of credentials): 27%
Base: 546 Network Path Security decision-makers who have experienced a breach in the past 12 months. Source: Forrester Data Global Business Technographics Security Survey, 2018

7. Too Many Alerts / Too Few Analysts
Source: Forrester's Security Operations Center (SOC) Staffing

8. We Need a New Set of Tools
› Rules-based SIM hasn't proven effective
  • Too many alerts, too many false positives
  • Difficult to maintain
  • Only finds known threats
› Effective security analytics tools:
  • Use data science to detect anomalous behavior
  • Utilize internal and external threat intelligence
  • Examine historical data
  • Detect data exfiltration
  • Provide increased security context for responders
  • Enable investigations and response

9. The Security Analytics Ecosystem

10. The Security Analytics Ecosystem
Source: Forrester's Vendor Landscape: Security Analytics (SA)

11. Evolution of Security Analytics
Timeline (axis: sophistication, volume, velocity and complexity): 1995 – 2000 (SEM); 2005 – 2014 (SIM); 2014+ Security Analytics
› Perimeter Defense
  • Focus on network security
  • Event filtering and basic correlation
  • Log management and retention
  • Events per second: <5,000
  • Storage: gigabytes
  • Manual breach response
  • High false positive rate, limited scalability
› Compliance
  • Reporting
  • Information sources: various log formats (still log focused)
  • Advanced correlation
  • Signature-based alerting
  • Increasing devices: >1,000
  • Events per second: >10,000
  • Storage: terabytes
  • Focus on threat detection and response; breach response still slow, highly dependent on security analyst skills
› Enterprise Security Intelligence
  • Log management
  • Feeds from applications, databases, endpoints
  • Threat detection
  • More robust IAM integration
  • Advanced analytics with additional security context
  • User and network behavior
  • Feeds from additional sources: multiple log sources, NetFlow, reputation data, threat intelligence feeds
  • Huge number of devices: >5,000
  • Events per second: >100,000
  • Storage: petabytes (Big Data infrastructure)
  • Near real-time breach response, same-day remediation

12. Defining Security Analytics
A platform built on big data infrastructure to converge logging, correlating, and reporting feeds from security information management (SIM), security solutions, network flow data, external threat intelligence, and diverse endpoints and applications. The SA platform uses this information and machine learning techniques to provide real-time monitoring and facilitate the rapid incident detection, analysis, and response.
Source: Forrester's Counteract Cyberattacks With Security Analytics

13. Security User Behavior Analytics (SUBA)
› Detects anomalous user and device behavior
  • Ingests endpoint, network, and host log data
  • Uses machine learning techniques to detect suspicious behavior
  • Alerts on abnormal activity
  • Deploys as a SIM supplement in many cases
SUBA is often the first technology organizations think of when starting an insider threat team.

14. Defining SUBA
Functionality that enables security and risk teams to build a unified view of users' actions across the network. SUBA collects and correlates detailed information about user activity from a variety of logs and other data sources to heuristically and automatically set a user activity baseline from which it can detect, risk score, prioritize, intercept, and enable the investigation of anomalous behavior in real time.
Source: Forrester's Market Overview: Security User Behavior Analytics (SUBA), 2016 report

15. Interset Augments Your Security Ecosystem
Interset's behavioral analytics allows for detection of anomalies, complementing the pattern matching of rules and thresholds for policy enforcement and the machine learning of malware detection.

16. How Does Interset Do This?

17. Machine Learning is Everywhere…
(Vendor callouts: "I'm smart!", "Super machine learning!", "The best Bayesian!", "Buy me!", "I do it all!")

18. Two Categories of Machine Learning Algorithms
› Supervised
  • Classification: Support Vector Machines, Discriminant Analysis, Naive Bayes, Nearest Neighbor
  • Regression: Linear Regression | GLM, SVR | GPR, Ensemble Methods, Decision Trees, Neural Networks
› Unsupervised
  • Clustering: K-means | Fuzzy C-means, Hidden Markov Model, Neural Networks, Hierarchical, Gaussian Mixture

19. Cybersecurity: Supervised Machine Learning Approach
"Tell me what I'm looking for…"
Ideal for finding malware:
  ▪ Decades of data to study
  ▪ Always looks the same no matter where it manifests

20. Cybersecurity: Unsupervised Machine Learning Approach
When searching for insider threats, how do you determine what is productive or malicious activity within your enterprise? The activities related to insider threats are masked by behavior that, when removed from context, presents as benign. This means we cannot simply match a pattern or look for a signature; we have to take a different approach that separates abnormal from normal.
  ▪ Working at midnight?
  ▪ Attaching 500MB to an email?
  ▪ Looking at corporate strategy data?
  ▪ Checking out software code from Project X?
  ▪ A machine communicating on port 465?
  ▪ Machine A & B connecting via HTTP?
  ▪ Printer "P015" printing 50 pages at noon?
  ▪ cmd.exe launched on a workstation?

21. What are the "MOST WANTED" Insider Threats?
• Compromised Account
• Infected Host
• Account Misuse
• Data Staging
• Low & Slow Attacks
• Unauthorized Print Job
• Fileless Malware
• Zero-day Attack
Not all insider threats are internal employees or disgruntled personnel.

22. How Does Security Analytics Impact the SOC?

23. SA Enables SOC Processes
› Monitoring and alerting
› Event correlation
› Alert triage
› Incident response
› Threat hunting

24. How Does Interset Change SOC Operations and Threat Hunting?

25. Interset Security Analytics Dashboard: Top Risky Entities

26. Interset Security Analytics Dashboard: Anomalous Behavior

27. Considerations for Selecting an SA Solution
› Monitoring requirements
› Data sources
› Out-of-the-box content
› Scalability
› Threat intelligence sources
› Size of security staff
› Security team maturity
› Compliance needs

28. Wrap-Up
› Security teams lack the speed and agility to stop breaches
  • Inadequate tools and slow, manual processes impede progress
› Rules-based SIM alone is not able to detect anomalous behavior
  • A combination of capabilities enables better threat detection and response
› We have to make better, faster security decisions
  • Security analytics tools help make that happen
  • Analysts require analytics to speed detection and enable threat hunting

29. Questions?

30. Want to learn more? Contact us!
• Stephan Jou, CTO, Interset: sjou@interset.com, @eeksock
• Paul Reid, Security Strategist, Interset: preid@interset.com
• Joseph Blankenship, Principal Analyst, Forrester: jblankenship@forrester.com, @infosec_jb

31. Thank You! Learn more at Interset.AI
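Slides 14 and 20 describe the core of the unsupervised approach: learn a per-user activity baseline from historical data, then score new events by how far they deviate from that user's own normal, and roll the scores up into a per-entity risk ranking. The following is an added example written for this page, not Interset's code or any vendor's algorithm. It assumes a constructed event format ("timestamp,user,event,value" with login and email-attachment events), a circular treatment of hour-of-day so that 23:50 and 00:10 count as close, log10 attachment sizes so the baseline is not dominated by a single large file, and an arbitrary alerting threshold of 3 deviations; all of these are choices made here, not values from the deck.

```python
"""Per-user behavioral baseline and anomaly scoring (added example, not Interset code).

Two users with very different habits: alice works office hours and sends small
attachments; bob works nights and routinely sends large files. The same raw event
(midnight login, 500 MB attachment) is anomalous for alice and normal for bob,
which is the "removed from context, presents as benign" point from slide 20.
"""
from collections import defaultdict
from datetime import datetime
import math
import statistics

# Constructed sample data (not from any real system): "timestamp,user,event,value".
# login        -> value unused; the hour is taken from the timestamp
# email_attach -> value is the attachment size in bytes
HISTORY = """\
2018-09-03T09:05:00,alice,login,
2018-09-03T09:40:00,alice,email_attach,120000
2018-09-04T08:55:00,alice,login,
2018-09-04T14:10:00,alice,email_attach,450000
2018-09-05T09:15:00,alice,login,
2018-09-05T16:30:00,alice,email_attach,80000
2018-09-06T09:00:00,alice,login,
2018-09-06T11:20:00,alice,email_attach,300000
2018-09-03T22:10:00,bob,login,
2018-09-03T23:00:00,bob,email_attach,50000000
2018-09-04T23:30:00,bob,login,
2018-09-04T23:45:00,bob,email_attach,80000000
2018-09-05T00:15:00,bob,login,
2018-09-05T01:00:00,bob,email_attach,65000000
2018-09-06T22:45:00,bob,login,
2018-09-06T23:10:00,bob,email_attach,70000000
"""

NEW_EVENTS = """\
2018-09-10T00:05:00,alice,login,
2018-09-10T00:20:00,alice,email_attach,500000000
2018-09-10T23:40:00,bob,login,
2018-09-10T23:50:00,bob,email_attach,60000000
"""

ALERT_THRESHOLD = 3.0  # assumed: deviations from baseline before an event counts toward risk


def parse_events(text):
    """Parse the constructed CSV-like format into dicts; empty value becomes None."""
    events = []
    for line in text.strip().splitlines():
        ts, user, kind, value = line.split(",")
        events.append({"when": datetime.fromisoformat(ts), "user": user,
                       "kind": kind, "value": float(value) if value else None})
    return events


def hour_of(when):
    return when.hour + when.minute / 60.0


def circular_mean_hour(hours):
    """Mean hour on a 24-hour circle, so 23:30 and 00:30 average to midnight, not noon."""
    x = sum(math.cos(h / 24 * 2 * math.pi) for h in hours) / len(hours)
    y = sum(math.sin(h / 24 * 2 * math.pi) for h in hours) / len(hours)
    return (math.atan2(y, x) / (2 * math.pi) * 24) % 24


def hour_distance(a, b):
    """Shortest distance between two hours on the 24-hour circle."""
    d = abs(a - b) % 24
    return min(d, 24 - d)


def build_baselines(events):
    """Per-user (center, spread) for login hour and log10 attachment size."""
    hours, sizes = defaultdict(list), defaultdict(list)
    for e in events:
        if e["kind"] == "login":
            hours[e["user"]].append(hour_of(e["when"]))
        elif e["kind"] == "email_attach" and e["value"]:
            sizes[e["user"]].append(math.log10(e["value"]))
    baselines = {}
    for user in set(hours) | set(sizes):
        b = {}
        if hours[user]:
            center = circular_mean_hour(hours[user])
            spread = statistics.mean(hour_distance(h, center) for h in hours[user])
            b["login_hour"] = (center, max(spread, 0.5))  # floor: a perfectly regular user still gets tolerance
        if sizes[user]:
            b["attach_log10"] = (statistics.mean(sizes[user]), max(statistics.pstdev(sizes[user]), 0.25))
        baselines[user] = b
    return baselines


def score_event(event, baselines):
    """Deviation of one event from its user's baseline; None when the user has no baseline yet."""
    b = baselines.get(event["user"])
    if b is None:
        return None
    if event["kind"] == "login" and "login_hour" in b:
        center, spread = b["login_hour"]
        return hour_distance(hour_of(event["when"]), center) / spread
    if event["kind"] == "email_attach" and event["value"] and "attach_log10" in b:
        mean, sd = b["attach_log10"]
        return max(0.0, (math.log10(event["value"]) - mean) / sd)  # only larger-than-usual is of interest
    return None


def rank_entities(events, baselines, threshold=ALERT_THRESHOLD):
    """Sum above-threshold deviations per user and rank: the 'top risky entities' view."""
    risk = defaultdict(float)
    for e in events:
        s = score_event(e, baselines)
        if s is not None:
            risk[e["user"]] += s if s >= threshold else 0.0
    return sorted(risk.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    baselines = build_baselines(parse_events(HISTORY))
    for user, risk in rank_entities(parse_events(NEW_EVENTS), baselines):
        print(f"{user:8s} risk={risk:6.1f}")
```

Run stand-alone it ranks alice far above bob even though both logged in around midnight and both sent large attachments on the same day. In a real deployment the baseline window, the spread floors and the threshold are tuning decisions that trade false positives against missed low-and-slow activity, and a user with no history (the `None` case) needs a cold-start policy rather than a silent pass.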