The Challenge For Log Analysis
Log Management vs SIEM vs NextGen SIEM
Security Analytic + Storage + Actionable Intelligence
NexGen Security Operation Center For Smart Cities
Cybersecurity Assurance at CloudSec 2015 Kuala LumpurAlan Yau Ti Dun
"Like any information security processes, there should be an adequate and"
"reasonable level of assurance for cyber security, which completes the security perspective when combined with governance and management processes. Cyber security assurance requires a comprehensive set of controls that covers risk as well as management processes."
"These controls are supported by appropriate metrics and indicators for"
"security goals and factual security risk. This session will share the cybesecurity self assessment program in carrying out an audit or self- assessment review on cyber security controls and practices in a typical organisation. This assurance program will leverage on COBIT 5 framework"
"and COBIT 5 for Information Security as a baseline."
Auditing & Assessing The Risk Of Cloud Service Providers at Auditworld 2015 ...Alan Yau Ti Dun
When weighing options for increasing enterprise computing capabilities or seeking ways
to improve IT operational efficiency, the prevailing method is to integrate an external IT
services vendor, commonly referred to as a cloud service provider (CSP). There is a
high probability that audit clients will engage this CSP service to manage their IT needs.
Learn how to cope with the audit and risk assessment challenges related to this
emerging technology trend in this key session.
•Understanding the various Cloud Service Levels and Implementation Types
•Identifying Compliance, Service Level Agreement and other Important Duties each
party must perform
•Understand the Complexities of Auditing internal controls, data security, privacy and
performancerelated to cloud
•Mitigating the underlying Business Risks associated with adopting a cloud-based IT model
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
ControlCase discusses the following:
•What is “One Audit” for multiple assessments
•Current Research
•Zero Trust Principles for IT security
•Remote Assessment Methodology
ControlCase covers the following:
- What does SOC stand for?
- What is SOC 2 compliance?
- What is SOC 2 certification?
- What is a SOC 2 report?
- Who can perform a SOC 2 audit?
- How do managed service providers comply with SOC 2
- How to lower cost of SOC 2 audit?
- ControlCase methodology for SOC 2 compliance
How to minimize threats in your information system using network segregation? PECB
We will discuss the importance of network infrastructure and how we can minimize risks of attacks in our IT by segregating and segmenting our network infrastructure.
Main points that have been covered are:
• Why it’s always a primary target for attacks?
• What are the segmented networks?
• How can it be used?
Presenter:
Our presenter for this webinar is Mohamed Tawfik, who is a qualified Technocrat, and a seasoned IT/Telecom Professional having over 20 years of solid experience with multi-national corporate organizations planning, deployment, governance, audit and enforcing policy on Information Security Practice, while having in-depth knowledge of IT/Telecom Infrastructure and with a proven record of customer satisfaction.
Link of the recorded session published on YouTube:https://youtu.be/sKhihzgElH8
ControlCase discusses the following:
•About the cloud
•About PCI DSS
•PCI DSS in the cloud
•How to keep sensitive data secure as you move to the cloud
•Q&A
Assessing the Security of Cloud SaaS SolutionsDigital Bond
Matthew Theobald of Schneider Electric presentation at S4x15 OTDay.
This session provided a tutorial on how to evaluate the security of a SaaS solution. These are being increasingly offered for storage, processing and analysis of ICS data.
OneAudit™ - Assess Once, Certify to ManyControlCase
ControlCase covers the following:
•About PCI DSS, ISO 27001, NERC, HIPAA, and FISMA
•Best Practices and Cloud Implications for Comprehensive Compliance within IT Standards/Regulations
•Challenges in the Comprehensive Compliance Space
Cybersecurity Assurance at CloudSec 2015 Kuala LumpurAlan Yau Ti Dun
"Like any information security processes, there should be an adequate and"
"reasonable level of assurance for cyber security, which completes the security perspective when combined with governance and management processes. Cyber security assurance requires a comprehensive set of controls that covers risk as well as management processes."
"These controls are supported by appropriate metrics and indicators for"
"security goals and factual security risk. This session will share the cybesecurity self assessment program in carrying out an audit or self- assessment review on cyber security controls and practices in a typical organisation. This assurance program will leverage on COBIT 5 framework"
"and COBIT 5 for Information Security as a baseline."
Auditing & Assessing The Risk Of Cloud Service Providers at Auditworld 2015 ...Alan Yau Ti Dun
When weighing options for increasing enterprise computing capabilities or seeking ways
to improve IT operational efficiency, the prevailing method is to integrate an external IT
services vendor, commonly referred to as a cloud service provider (CSP). There is a
high probability that audit clients will engage this CSP service to manage their IT needs.
Learn how to cope with the audit and risk assessment challenges related to this
emerging technology trend in this key session.
•Understanding the various Cloud Service Levels and Implementation Types
•Identifying Compliance, Service Level Agreement and other Important Duties each
party must perform
•Understand the Complexities of Auditing internal controls, data security, privacy and
performancerelated to cloud
•Mitigating the underlying Business Risks associated with adopting a cloud-based IT model
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
ControlCase discusses the following:
•What is “One Audit” for multiple assessments
•Current Research
•Zero Trust Principles for IT security
•Remote Assessment Methodology
ControlCase covers the following:
- What does SOC stand for?
- What is SOC 2 compliance?
- What is SOC 2 certification?
- What is a SOC 2 report?
- Who can perform a SOC 2 audit?
- How do managed service providers comply with SOC 2
- How to lower cost of SOC 2 audit?
- ControlCase methodology for SOC 2 compliance
How to minimize threats in your information system using network segregation? PECB
We will discuss the importance of network infrastructure and how we can minimize risks of attacks in our IT by segregating and segmenting our network infrastructure.
Main points that have been covered are:
• Why it’s always a primary target for attacks?
• What are the segmented networks?
• How can it be used?
Presenter:
Our presenter for this webinar is Mohamed Tawfik, who is a qualified Technocrat, and a seasoned IT/Telecom Professional having over 20 years of solid experience with multi-national corporate organizations planning, deployment, governance, audit and enforcing policy on Information Security Practice, while having in-depth knowledge of IT/Telecom Infrastructure and with a proven record of customer satisfaction.
Link of the recorded session published on YouTube:https://youtu.be/sKhihzgElH8
ControlCase discusses the following:
•About the cloud
•About PCI DSS
•PCI DSS in the cloud
•How to keep sensitive data secure as you move to the cloud
•Q&A
Assessing the Security of Cloud SaaS SolutionsDigital Bond
Matthew Theobald of Schneider Electric presentation at S4x15 OTDay.
This session provided a tutorial on how to evaluate the security of a SaaS solution. These are being increasingly offered for storage, processing and analysis of ICS data.
OneAudit™ - Assess Once, Certify to ManyControlCase
ControlCase covers the following:
•About PCI DSS, ISO 27001, NERC, HIPAA, and FISMA
•Best Practices and Cloud Implications for Comprehensive Compliance within IT Standards/Regulations
•Challenges in the Comprehensive Compliance Space
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
In 2011, Marc Andreessen said "software is eating the world." Today, that statement is truer than ever. Businesses in every industry - from retail, to energy, to financial - are essentially software companies, with millions of lines of custom source code being written and managed in-house. Additionally, advances in the Software Development Life Cycle (SDLC) and the emergence of DevOps have allowed some organizations to deploy new code from development to production dozens of time each day. Traditional approaches to securing such large quantities of code, especially at the speed of current development, have proven to be ineffective, as is evident by recent public data breaches of both public and private sector organizations; as well as the resulting legislation, like Presidential Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity. The only way for cybersecurity teams to keep up with their development counterparts is to automate, but where should they start?
The NIST Cybersecurity Framework provides guidance for organizations interested in establishing or improving a cybersecurity program. Today, a security automation plan is a crucial aspect of any cybersecurity program.
This talk will describe how the NIST Cybersecurity Framework can be used to establish and implement a plan for integrating security-automation activities into any security program. We'll describe the latest trends in security-automation and DevOps, including how to automatically identify security-best practices being followed, and anti-patterns that indicate a potential risk. Attendees will learn how to consolidate this data in a centralized dashboard of their choosing, and how such information can be automatically distributed to stakeholders throughout their organization.
In the coming years, with the growth of Internet of Things (IoT) and Cloud, organizations will become more and more reliant on custom software. Cybersecurity teams who fail to begin automating soon will only continue to fall further behind and put their organizations at greater risk. The NIST Cybersecurity Framework provides the foundation for such teams to establish their roadmap to security, and this talk will build on that foundation to highlight some potential paths.
Building an Intelligence-Driven Security Operations CenterEMC
This white paper describes how an intelligence-driven security operations center (SOC) improves threat detection and response by helping organizations use all available security-related information from both internal and external sources to detect hidden threats and even predict new ones.
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsShah Sheikh
Abstract: Modern day cyber threats are ever increasing in sophistication and evasiveness against Process Control Networks. Organizations in the industry are facing a constant challenge to adopt modern techniques to proactively monitor the security posture within the SCADA infrastructure whilst keeping cyber attackers and threat actors at bay.
In this presentation we will cover the fundamental building blocks of building a SCADA cyber security operations center with key responsibilities such as Incident Response Management, Vulnerability and Patch Management, Secure-by-design Architecture, Security Logging and Monitoring and how such security domains drive accountability and act as a line of authority across the PCN.
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj Purandare ☁
Effective Security Operations Centre SOC building - by Manoj Purandare. This article tries to give a strategy towards building am effective SOC using its 4 major points steps and 11 effective steps recipe - for Organisation's / Govt's safety and security
What can local government use to help manage IT security threats and IT losses? NIST has developed standards that are recommended for local governments.
Information technology is a complex business, at best. While IT can provide amazing benefits, it still requires vigilance and diligence to ensure it is running correctly and that it is secure. A security framework can be an excellent tool to evaluate what you might be missing and confirm that what you are already doing is spot-on correct. This session will discuss the importance of using security frameworks and walk attendees through the NIST Cyber Security Framework to review how the framework functions, how to use a framework, and most importantly, how the use of a framework can and will benefit their organization.
Unanet is a leading provider of Cloud and On-Premise software for project-based professional services organizations. Unanet delivers a purpose built Project ERP solution with skills management, resource planning, budgeting & forecasting, time & expense reporting, billing & revenue recognition, project management analytics and dashboards, and integrated financials with AR, AP, GL and cost pool calculations.
Over 2,000 organizations trust Unanet to maximize staff utilization, reduce overhead and administrative costs, improve speed and accuracy of invoicing, and support forward decision-making for improved operations.
Learn more about Unanet at www.unanet.com/videos .
Top 20 Security Controls for a More Secure InfrastructureInfosec
The CIS® (Center for Internet Security, Inc.®) Controls offer 20 proven, globally recognized best practices for securing your IT systems and data against the most pervasive attacks. Join Tony Sager, CIS Senior Vice President and Chief Evangelist, to learn:
- Origin and purpose of the CIS Controls
- How to prioritize implementation
- How to make the CIS Controls a foundational part of your security program, and improve your enterprise defenses, operations, compliance and security awareness
Watch the full webinar: https://www2.infosecinstitute.com/l/12882/2018-12-06/bcbc68
Click Here to visit the FedRAMP blog - https://www.controlcase.com/what-is-fedramp/?utm_source=webinar&utm_campaign=webinar
Click Here for FedRAMP Compliance Checklist - https://www.controlcase.com/fedramp-checklist-lp/?utm_source=webinar&utm_campaign=webinar
ControlCase covers the following:
- What is FedRAMP?
- What is FedRAMP Marketplace?
- Who does FedRAMP apply to?
- How hard is it to get FedRAMP certified?
- How long does the FedRAMP process take?
- How to get FedRAMP certified?
- ControlCase methodology for FedRAMP compliance
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
In 2011, Marc Andreessen said "software is eating the world." Today, that statement is truer than ever. Businesses in every industry - from retail, to energy, to financial - are essentially software companies, with millions of lines of custom source code being written and managed in-house. Additionally, advances in the Software Development Life Cycle (SDLC) and the emergence of DevOps have allowed some organizations to deploy new code from development to production dozens of time each day. Traditional approaches to securing such large quantities of code, especially at the speed of current development, have proven to be ineffective, as is evident by recent public data breaches of both public and private sector organizations; as well as the resulting legislation, like Presidential Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity. The only way for cybersecurity teams to keep up with their development counterparts is to automate, but where should they start?
The NIST Cybersecurity Framework provides guidance for organizations interested in establishing or improving a cybersecurity program. Today, a security automation plan is a crucial aspect of any cybersecurity program.
This talk will describe how the NIST Cybersecurity Framework can be used to establish and implement a plan for integrating security-automation activities into any security program. We'll describe the latest trends in security-automation and DevOps, including how to automatically identify security-best practices being followed, and anti-patterns that indicate a potential risk. Attendees will learn how to consolidate this data in a centralized dashboard of their choosing, and how such information can be automatically distributed to stakeholders throughout their organization.
In the coming years, with the growth of Internet of Things (IoT) and Cloud, organizations will become more and more reliant on custom software. Cybersecurity teams who fail to begin automating soon will only continue to fall further behind and put their organizations at greater risk. The NIST Cybersecurity Framework provides the foundation for such teams to establish their roadmap to security, and this talk will build on that foundation to highlight some potential paths.
Building an Intelligence-Driven Security Operations CenterEMC
This white paper describes how an intelligence-driven security operations center (SOC) improves threat detection and response by helping organizations use all available security-related information from both internal and external sources to detect hidden threats and even predict new ones.
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsShah Sheikh
Abstract: Modern day cyber threats are ever increasing in sophistication and evasiveness against Process Control Networks. Organizations in the industry are facing a constant challenge to adopt modern techniques to proactively monitor the security posture within the SCADA infrastructure whilst keeping cyber attackers and threat actors at bay.
In this presentation we will cover the fundamental building blocks of building a SCADA cyber security operations center with key responsibilities such as Incident Response Management, Vulnerability and Patch Management, Secure-by-design Architecture, Security Logging and Monitoring and how such security domains drive accountability and act as a line of authority across the PCN.
Manoj purandare - Stratergy towards an Effective Security Operations Centre -...Manoj Purandare ☁
Effective Security Operations Centre SOC building - by Manoj Purandare. This article tries to give a strategy towards building am effective SOC using its 4 major points steps and 11 effective steps recipe - for Organisation's / Govt's safety and security
What can local government use to help manage IT security threats and IT losses? NIST has developed standards that are recommended for local governments.
Information technology is a complex business, at best. While IT can provide amazing benefits, it still requires vigilance and diligence to ensure it is running correctly and that it is secure. A security framework can be an excellent tool to evaluate what you might be missing and confirm that what you are already doing is spot-on correct. This session will discuss the importance of using security frameworks and walk attendees through the NIST Cyber Security Framework to review how the framework functions, how to use a framework, and most importantly, how the use of a framework can and will benefit their organization.
Unanet is a leading provider of Cloud and On-Premise software for project-based professional services organizations. Unanet delivers a purpose built Project ERP solution with skills management, resource planning, budgeting & forecasting, time & expense reporting, billing & revenue recognition, project management analytics and dashboards, and integrated financials with AR, AP, GL and cost pool calculations.
Over 2,000 organizations trust Unanet to maximize staff utilization, reduce overhead and administrative costs, improve speed and accuracy of invoicing, and support forward decision-making for improved operations.
Learn more about Unanet at www.unanet.com/videos .
Top 20 Security Controls for a More Secure InfrastructureInfosec
The CIS® (Center for Internet Security, Inc.®) Controls offer 20 proven, globally recognized best practices for securing your IT systems and data against the most pervasive attacks. Join Tony Sager, CIS Senior Vice President and Chief Evangelist, to learn:
- Origin and purpose of the CIS Controls
- How to prioritize implementation
- How to make the CIS Controls a foundational part of your security program, and improve your enterprise defenses, operations, compliance and security awareness
Watch the full webinar: https://www2.infosecinstitute.com/l/12882/2018-12-06/bcbc68
Click Here to visit the FedRAMP blog - https://www.controlcase.com/what-is-fedramp/?utm_source=webinar&utm_campaign=webinar
Click Here for FedRAMP Compliance Checklist - https://www.controlcase.com/fedramp-checklist-lp/?utm_source=webinar&utm_campaign=webinar
ControlCase covers the following:
- What is FedRAMP?
- What is FedRAMP Marketplace?
- Who does FedRAMP apply to?
- How hard is it to get FedRAMP certified?
- How long does the FedRAMP process take?
- How to get FedRAMP certified?
- ControlCase methodology for FedRAMP compliance
My books- Hacking Digital Learning Strategies http://hackingdls.com & Learning to Go https://gum.co/learn2go
Resources at http://shellyterrell.com/emoji
Study: The Future of VR, AR and Self-Driving CarsLinkedIn
We asked LinkedIn members worldwide about their levels of interest in the latest wave of technology: whether they’re using wearables, and whether they intend to buy self-driving cars and VR headsets as they become available. We asked them too about their attitudes to technology and to the growing role of Artificial Intelligence (AI) in the devices that they use. The answers were fascinating – and in many cases, surprising.
This SlideShare explores the full results of this study, including detailed market-by-market breakdowns of intention levels for each technology – and how attitudes change with age, location and seniority level. If you’re marketing a tech brand – or planning to use VR and wearables to reach a professional audience – then these are insights you won’t want to miss.
What does the future look like? Is it a dark space where we’re suffering from varying degrees of techamphetamine or are we heading towards a Utopian fantasy of abundance and harmony?
Understanding that our basic human needs and wants barely change, we explore the future state of a range of topics; from our need for physical sustenance through to our age-long fascination of transcending the limitations of our biology.
Looking at the future from a human perspective, our potential for greatness is teetering on a fine line between darkness and hope. We’re banking on the latter.
Mobile-First SEO - The Marketers Edition #3XEDigitalAleyda Solís
How to target your SEO process to a reality of more people searching on mobile devices than desktop and an upcoming mobile first Google index? Check it out.
Artificial intelligence (AI) is everywhere, promising self-driving cars, medical breakthroughs, and new ways of working. But how do you separate hype from reality? How can your company apply AI to solve real business problems?
Here’s what AI learnings your business should keep in mind for 2017.
Security Essentials For Startups Taking Their First Steps As Cloud Providers.
This deck is based on the the below paper: https://chapters.cloudsecurityalliance.org/israel/papers/
Cyber Knight is one of The leading IT Security firms specializing in providing Enterprise Risk Services and Defensive Security Services. We has a proven track record of assisting numerous global organizations obtain and maintain desired levels of online security.
Get Real-Time Cyber Threat Protection with Risk Management and SIEMRapid7
The 2012 Verizon Data Breach Investigations Report quantified the sharp increase in cyber threats, noting that 68% were due to malware, up 20% from 2011. What is most concerning is that 85% of breaches took weeks or more to discover. Despite the focus on threat prevention, breaches will happen. In this environment the ability to identify risk, protect vulnerable assets and manage threats become critical. Learn how these combined solutions can help your organization identify behavioral anomalies, internal and external threats, and prevent breaches based on accurate enterprise security intelligence.
To download a free Nexpose demo, clock here: http://www.rapid7.com/products/nexpose/compare-downloads.jsp
Penetration Testing actively attempts to exploit vulnerabilities and exposures in the customer environment. You can learn more about the value and the outcomes of this services.
This lecture was given as part of a Logicalis Security Event held in Jersey and Guernsey. The lecture introduced SIEM and it's concepts to business professionals as well as featuring live exploitation demos. The lecture also discussed the macro based anti virus evading malware.
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …Andris Soroka
World's #1 SIEM technology in GRC (Governance, Risk, Compliance). QRadar Risk Manager provides organizations with a pre-exploit solution that allows network security professionals to assess what risks exist during and after an attack, while also answering many "What if?" questions ahead of time, which can greatly improve operational efficiency and reduce network security risks.
These slides were presented during an exclusive briefing and community review on our current research and development to redefine Zero Trust in identity first terms.
Similar to What's Next : A Trillion Event Logs, A Million Security Threat (20)
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
What's Next : A Trillion Event Logs, A Million Security Threat
1.
2. Facilitator Introduction
Alan Yau Ti Dun
Alan is currently holding a senior role as Chief
Technical Officer at a Technology / Security
Operation Center organisation and has over 15
years of experience in Information Security,
Governance and Controls. He has extensive
experience in leading engagements and serving
clients inthe area of InformationSecurity.
This includes Next Generation Security Operation Center, Information Technology
Cybersecurity Infrastructure Review, Penetration Testing, IT Audit, ISO27001
Implementation, ISO27001:2013 Transition, PCI DSS Review, Security Incident
Management and Response, Managed Security Services, Business Continuity
Planning, Secure Email and other areas.
Prior to joining his current organisation, Alan was the Technology Consulting
Services Lead at a leading regional Managed Security Service Provider, where he
lead the implementation and execution of Security Operation Center projects
including the rollout of the SOCfor one of the leader in local Telco’s Market. He is
also Certified Mile2 Instructor and have conducted specific training sessions
which include Mile2 Certified Training, CISSP Readiness Workshop, Cybersecurity
Fundamental Training andSecurityAwareness Training.
Qualifications /Professional Affiliations
• Certified Information Systems Security Professional (CISSP)
• Certificate Of Cloud Security Knowledge (CCSK)
• Certified Penetration Testing Consultant (CPTC)
• Certified Penetration Testing Engineer (CPTE)
• Certified Digital Forensic Examiner (CDFE)
• Certified Network Forensic Examiner (CNFE)
• Certified Information Systems Auditor (CISA)
• Certified Information Systems Manager (CISM)
• Certified in Governance of Enterprise IT (CGEIT)
• Certified In Risk Information System Control (CRISC)
• Cybersecurity Nexus Fundamentals Certificate (CSXF)
• Ethical Network Security Administrator (ENSA)
• ITIL Foundation V3
• Microsoft Certified Security Administrator (MCSA)
Speaker @ Recent Events
• 14th
Annual IT Governance , Assurance and Security Conference 2015,
Malaysia – Management Trackon CybersecurityAssurance
• Bursa Malaysia Cybersecurity Workshop 2015 – Threat, Vulnerabilities and
Risk
• Cloudsec 2015 – CybersecurityAssurance
• Audit World 2015 – Auditing Cloud Service Provider
WWW.ISACA.ORG/MALAYSIA
3. Agenda
The Challenge For Log Analysis
Log Management vs SIEM vs NextGen SIEM
Security Analytic + Storage + Actionable Intelligence
NexGen Security Operation Center For Smart Cities
4. tgMonth="05" tgHour="18" tgDay="13" tgMinute="07" EC="540" C="2" CS="Logon/Logoff" L="Security" IS="LMURPHY ,TXDOT1 ,(0x15,0xE88A0488)
,3,Kerberos ,Kerberos , ,{cd7b463a-726e-1aec-4fd5-dabe7dc0231e} ,-,- ,- ,- ,- ,144.45.138.69 ,1099" SN="Security" RN="446108" XM="Successful
Network Logon: User Name: LMURPHY Domain: TXDOT1 Logon ID: (0x15,0xE88A0488) Logon Type: 3 Logon Process: Kerberos
Authentication Package: Kerberos Workstation Name: Logon GUID: {cd7b463a-726e-1aec-4fd5-dabe7dc0231e} Caller User Name: - Caller
Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 144.45.138.69 Source Port: 1099 "
tgSecond="12" U="TXDOT1LMURPHY" T="Audit Success" ET="4" this="event" CN="HOU-DC" EI="540" tgYear="2010“
1120 00000000000000000002TSV2010-06-02-12.48.43.343776QPADEV000CQSECOFR 600091 QCMD QSYS *SYSBAS 1
00000000000000000000000000000000000000000QSECOFR OMNIAS2
^@^@^@^@^@^@^@^@^@^@00000010570129150070882304AUDRCV0008QSYS *SYSBAS 1 1
^@^@^@^@^@^@^@^B000000000000000243690
361363360K361362367K365K366367@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IN090210,ESECDBA,APPLABSDLFDTAPP0803,DLFDTAPP0803,2010/04/27 18:07:34,2010/04/27 18:08:52,2010/04/27
18:08:52,101,LOGOFF,,Authenticated by: DATABASE; Client address:
(ADDRESS=(PROTOCOL=tcp)(HOST =192.168.170.11)(PORT=2788)),10187,1,1,0,,,,30553,,,,,dlfdt app2160,Oracle Database 10g Enterprise Edition
Release 10.2.0.3.0 – Prod
{"ALERT":{"MANDT":"001","MSG":"Logon Successful
(Type=U)","REPORTEDBY":"SecurityAud it","MTMCNAME":"sapserver_DM0_01","ARGTYPE2":"C","EXTINDEX":"0000000012","OBJECTNAME":"Security","
MSGARG2":"U&0","MTCLASS":"101","MSGARG1":"AU1","USERID":"SAPJSF","STATUS":"40","ARGTYPE4":"C","STATCHGDAT":"Tue Mar 24 00:00:00 PDT
2009","MTINDEX":"0000000176","VALUE":"2","MSGTEXT":"Security Audit: Logon
Event","SEVERITY":"255","STATCHGBY":"SecurityAudit","ALSYSID":"DM0","ARGTYPE3":"C","MSEGNAME":"SAP_CCM S_sapserver_DM0_01","MSCGLID":
"AU1","MTNUMRANGE":"033","ALERTDATE":"Tue Mar 24 00:00:00 PDT
2009","FIELDNAME":"Logon","ALUNIQNUM":"0000694352","MTSYSID":"DM0","ALERTTIME":"Thu Jan 01 08:19:24 PST 1970","STATCHGTIM":"Thu Jan
01 08:19:24 PST 1970","RC":"0","MSGID":"AU1","ALINDEX":"0000007340","ARGTYPE1":"C","M SGCLASS":"SAP-
YSLOG","MTUID":"0000100010"},"SYSNR":"01","HOST":"192.168.3.7"}
The Challenge For Log Analysis
Do you manage to analyze every single line from these thousand lines of log
for every minutes?
6. Customer Type Log Volume (GBs /Day) Events / Day Events / Sec
2020 > 20 Billion Devices 10,000,000,000 322,222,222….. 3,888,888…..
Cloud Provider 50,000 166,666,666,667 1,929,012
Social Media Organization 25,000 83,333,333,333 964,506
Telco’s 1,000 3,333,333,333 38,580
Enterprise > 1000 employees 300 1,000,000,000 11,574
SME 10 33,333,333 386
How Big Is The Log Size ???
7. • Who is doing what?
• What access do they have?
• Is that access appropriate?
• Where are they accessing from?
• Is this normal behavior?
• Are there other Indicators of Compromise for the
same account/host/service?
15. Next Generation Security Information and Event Management (NGSIEM) solution simplifies the deployment,
management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true
“Actionable Intelligence" security professionals need to quickly understand their threat posture and prioritize
response.
ACTIONABLE INTELLIGENCE
16. LOG MANAGER
Threats
!
Threats Intelligence
Collect Normalize Process Correlate Report
Logging Triggered
Tools / Tactics / Techniques
Analytics
CIMC
Processes Procedures
People Skill-sets
SIEM
Core SOC Technology
NEXT GEN SOC FOR SMART CITIES
SMART CITIES NGSOC
17. SECURITY OPERATION CENTER
Team Leader
NUR SYAFIQA
Shift 1 (Day) Shift 2 (Day) Shift 3 (Night) Shift 4 (Night)
Threat Analyst
(Supervisor)
OPERATION TEAM
Team Leader
NUR IMELIA
Security Analyst
Security Analyst Security Analyst Security Analyst
Security Analyst Security Analyst
NEXT GEN SOC ORG CHART
Security Analyst
Security Analyst
Incident Response
Threat Analyst
(Supervisor)
Threat Analyst
(Supervisor)
Threat Analyst
(Supervisor)
Incident Response Incident Response Incident Response
CONSULTANT
ENGINEER
R & D