BEST PRACTICES FOR SECURITY OPERATIONS FOR OT
IN A HYPER-CONNECTED WORLD
Presented by Felipe Jordão
Systems Engineer at Palo Alto Networks
Current State of Cybersecurity in Industry
THE CHALLENGE OF CYBER THREATS
Companies are continuously transforming, feeding an ever-expanding cyber attack surface.
Today's cyber threats are challenging the response capacity of most companies.
TECHNOLOGY TRENDS AND ADOPTION
RANSOMWARE IN THE SPOTLIGHT
OT MODERNIZATION
Corporate Network
Industry 4.0
Information Technology ("IT")
Operational Technology ("OT")
Industrial IoT
• Unification of the IP network
• More external connectivity
• "Technology refresh" of OT & IT
• Virtualization, Cloud, Mobile, 4G/5G
PLCs / RTUs
HMI
Remote Station / Shop Floor
Control Center
Control Servers
SCADA Master / HMI
IT-OT Integration
Internet
WAN
Digital Oil Wells
Industrial
Protecting OT from a Hyper-Connected World
BASIC PILLARS OF OT CYBERSECURITY
Architecture: IEC 62443 standard, Segmentation, Zero Trust, Remote Access
Access Control: Use of MFA, User-based security policies
SecOps: Endpoint security, Event correlation
Management: Process definition, Incident response procedures
ARCHITECTURE
IEC 62443 Standard
IEC 62443 Components
ARCHITECTURE
IEC 62443 Standard
IEC 62443 Security Levels
ARCHITECTURE
Segmentation
VLAN Insertion
ARCHITECTURE
Remote Access
Remote Access with SASE and ZTNA
ACCESS CONTROL
User-based security policies
BEFORE
access-list 102 permit udp 126.183.90.85 0.0.0.255 eq 3256 114.53.254.245 255.255.255 lt 1780
access-list 102 deny icmp 203.36.110.37 255.255.255.255 lt 999 229.216.9.232 0.0.0.127 gt 3611
access-list 102 permit tcp 131.249.33.123 0.0.0.127 lt 4765 71.219.207.89 0.255.255.255 eq 606
access-list 102 deny tcp 112.174.162.193 0.255.255.255 gt 368 4.151.192.136 0.0.0.255 gt 4005
access-list 102 permit ip 189.71.213.162 0.0.0.127 gt 2282 74.67.181.47 0.0.0.127 eq 199
access-list 102 deny udp 130.237.66.56 255.255.255.255 lt 3943 141.68.48.108 0.0.0.255 gt 3782
access-list 102 deny ip 193.250.210.122 0.0.1.255 lt 2297 130.113.139.130 0.255.255.255 gt 526
AFTER
SOURCE ZONE       | USER                | DESTINATION ZONE     | APPLICATION
HQ Zone, GP Zone  | Employee            | Internet Zone        | Sanctioned SaaS
HQ Zone, GP Zone  | NY-Finance-Analysts | Financial Servers-NY | Internal Financial Apps
User-ID enables security teams to define policy rules on firewalls to safely
enable applications and control access based on users or groups of users.
Using IP addresses to identify users is inefficient and cannot determine
users accurately, because IP addresses change.
ACCESS CONTROL
MFA – Multi Factor Authentication
Multi-Factor Authentication
Always know that the user is who they claim to be
Historian
Engineer Station
1 Attacker uses stolen credentials
2 User receives MFA request
3 User denies request to access sensitive data
4 Attacker fails to gain access, attempt recorded
SECOPS
Endpoint Security
Isolate endpoints, quarantine, block files, kill processes
Block network access via firewall integration
Orchestrate with SOAR Tools
Access endpoints through a terminal
Restore compromised hosts with one click
Endpoint script execution
Security Analyst
Compromised Host
SECOPS
Endpoint Security
Communication Broker
XDR Service
Endpoint Agents
Protect endpoints that cannot connect directly to the Internet
SECOPS
Event Correlation
App
User
& Host
Network
Threat
Intel
Endpoint
App
App name
Protocol
URL and Domain
Response Size
Response Code
Referrer
Network
TCP port
Source IP
Country
Dest IP
Sent Bytes
Received Bytes
Threat
Intelligence
Malware hashes
Malicious IPs
Phishing URLs
URL Categories
User & Host
User name
Hostname
Organizational unit
Operating system
Mac address
Endpoint
File update
Process name
MD5/SHA Hash
File path
Registry change
Malware verdict
CLI arguments
Collect rich data for behavioral analytics & AI
Automatically correlate data to gain context for investigations
MANAGEMENT
Process Definition
Respond
Transform
Assess and test your security controls against the right threats with Proactive Assessments
Incident Response
Cyber Risk Management
Threat
Intelligence
Tools
Expertise &
Experience
MANAGEMENT
Incident Response Procedures
SENSE
● Detect and prevent
● Critical security layers
AUTOMATE
● Automated detections, correlations, prioritization, root cause, timelining, and workflows
INTEGRATE
● Stories: Native Data Stitching with built-in logic to understand incidents and artifacts
● Data correlation
ANALYZE
Large set of ML models
● Post-Exploit Detection
● Lateral Movement Detection
● Data Exfiltration Detection
HOST
NETWORK
AUTOMATED
ROOT CAUSE
AUTOMATED
WORKFLOWS
STORY
BEHAVIOR
MODELS
IDENTITY
ADDITIONAL REFERENCES
https://www.paloaltonetworks.com/security-for/industry/scada-and-industrial-control
PALO ALTO NETWORKS PORTFOLIO
Strata PA-Series
ML-Powered Next-Generation Firewall
App-ID | User-ID | Content-ID | Device-ID
VM-Series
Virtual Next-Generation Firewall
App-ID | User-ID | Content-ID | Device-ID
CN-Series
Containerized Next-Generation Firewall
App-ID | User-ID | Content-ID | Device-ID
Panorama
Firewall Management
Cloud-Delivered Security Services
DNS Security Advanced
Threat Prevention
Advanced
URL Filtering
WildFire IoT Security GlobalProtect SD-WAN Data Loss
Prevention
Prisma SaaS
DNS Attack
Prevention
Exploit, Malware, C2
Prevention
Malicious Site &
Phishing Prevention
Malware Prevention Enterprise IoT
Security
Mobile User Security Secure Branch
Connectivity
Data Protection &
Compliance
In-line & API SaaS
Application Security
Prisma Access
Secure Access Service Edge
FWaaS | Secure Web Gateway | Zero Trust Network Access
Prisma Cloud
Cloud Native Security Platform
Cloud Security Posture Management | Cloud Workload
Protection | Cloud Network Security | Cloud Infrastructure
Entitlement Management
Cortex XDR
Extended Detection and Response
Endpoint Threat Prevention | Endpoint Detection & Response | Behavioral Analytics |
Managed Detection & Response
Cortex XSOAR
Extended Security Orchestration, Automation and Response
Security Orchestration, Automation & Response |
Threat Intelligence Management
Prisma SD-WAN
Next-Generation SD-WAN
SD-WAN
Cortex Xpanse
Attack Surface Management
Internet-Connected Asset Discovery & Mitigation
THANK YOU!
Felipe Jordão
fjordao@paloaltonetworks.com

Talk: CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Best practices for security operations for OT in a hyper-connected world
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneUiPathCommunity
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 

Recently uploaded (20)

Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyone
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 

CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Best practices for OT security operations in a hyper-connected world

  • 1. BEST PRACTICES FOR OT SECURITY OPERATIONS IN A HYPER-CONNECTED WORLD Presented by Felipe Jordão, Systems Engineer at Palo Alto Networks
  • 3. THE CHALLENGE OF CYBER THREATS Companies are continuously transforming, feeding an ever-expanding cyber attack surface. Cyber threats today are challenging the response capacity of most companies.
  • 4. TECHNOLOGY TRENDS AND ADOPTION
  • 6. OT MODERNIZATION
    Trends: Unification of the IP network; More external connectivity; "Technology refresh" of OT & IT; Virtualization, Cloud, Mobile, 4G/5G
    Diagram labels: Corporate Network; Industry 4.0; Information Technology "IT"; Operational Technology "OT"; Industrial IoT; PLCs / RTUs; HMI; Remote Station / Plant Floor; Control Center; Control Servers; SCADA Master / HMI; IT-OT Integration; Internet; WAN; Digital Oil Wells; Industrial
  • 7. Protecting OT from a Hyper-Connected World
  • 8. BASIC PILLARS OF OT CYBERSECURITY
    Architecture: IEC 62443 standard; Segmentation; Zero Trust; Remote Access
    Access Control: Use of MFA; User-based security policies
    SecOps: Endpoint security; Event correlation
    Management: Process definition; Incident response procedures
  • 13. ACCESS CONTROL User-based security policies
    BEFORE:
      access-list 102 permit udp 126.183.90.85 0.0.0.255 eq 3256 114.53.254.245 255.255.255 lt 1780
      access-list 102 deny icmp 203.36.110.37 255.255.255.255 lt 999 229.216.9.232 0.0.0.127 gt 3611
      access-list 102 permit tcp 131.249.33.123 0.0.0.127 lt 4765 71.219.207.89 0.255.255.255 eq 606
      access-list 102 deny tcp 112.174.162.193 0.255.255.255 gt 368 4.151.192.136 0.0.0.255 gt 4005
      access-list 102 permit ip 189.71.213.162 0.0.0.127 gt 2282 74.67.181.47 0.0.0.127 eq 199
      access-list 102 deny udp 130.237.66.56 255.255.255.255 lt 3943 141.68.48.108 0.0.0.255 gt 3782
      access-list 102 deny ip 193.250.210.122 0.0.1.255 lt 2297 130.113.139.130 0.255.255.255 gt 526
    AFTER:
      SOURCE ZONE | USER | DESTINATION ZONE | APPLICATION
      HQ Zone, GP Zone | Employee | Internet Zone | Sanctioned SaaS
      HQ Zone, GP Zone | NY-Finance-Analysts | Financial Servers-NY | Internal Financial Apps
    User-ID enables security teams to define policy rules on firewalls to safely enable applications and control access based on users or groups of users.
    Using IP addresses to identify users is inefficient and cannot determine users accurately as IP addresses change.
  • 14. ACCESS CONTROL MFA – Multi-Factor Authentication
    Always know that the user is who they claim to be.
    Diagram labels: Historian; Engineer Station
    1. Attacker uses stolen credentials
    2. User receives MFA request
    3. User denies request to access sensitive data
    4. Attacker fails to gain access, attempt recorded
  • 15. SECOPS Endpoint Security
    Isolate endpoints, quarantine, block files, kill processes; Block network access via firewall integration; Orchestrate with SOAR tools; Access endpoints through a terminal; Restore compromised hosts with one click; Endpoint script execution
    Diagram labels: Security Analyst; Compromised Host
  • 16. SECOPS Endpoint Security
    Diagram labels: Communication Broker; XDR Service; Agents on Endpoints
    Protect endpoints that cannot connect directly to the Internet
  • 17. SECOPS Event Correlation
    App: App name; Protocol; URL and Domain; Response Size; Response Code; Referrer
    Network: TCP port; Source IP; Country; Dest IP; Sent Bytes; Received Bytes
    Threat Intelligence: Malware hashes; Malicious IPs; Phishing URLs; URL Categories
    User & Host: User name; Hostname; Organizational unit; Operating system; MAC address
    Endpoint: File update; Process name; MD5/SHA Hash; File path; Registry change; Malware verdict; CLI arguments
    Collect rich data for behavioral analytics & AI. Automatically correlate data to gain context for investigations.
  • 18. MANAGEMENT Process Definition Respond Transform Assess and test your security controls against the right threats with Proactive Assessments Incident Response Cyber Risk Management Threat Intelligence Tools Expertise & Experience
  • 19. MANAGEMENT Incident Response Procedures
    SENSE: Detect and prevent; Critical security layers
    AUTOMATE: Automated detections, correlations, prioritization, root cause, timelining, and workflows
    INTEGRATE: Stories: Native Data Stitching with built-in logic to understand incidents and artifacts; Data correlation
    ANALYZE: Large set of ML models; Post-Exploit Detection; Lateral Movement Detection; Data Exfiltration Detection
    Diagram labels: HOST; NETWORK; IDENTITY; AUTOMATED ROOT CAUSE; AUTOMATED WORKFLOWS; STORY; BEHAVIOR MODELS
  • 21. PALO ALTO NETWORKS PORTFOLIO Strata PA-Series ML-Powered Next-Generation Firewall App-ID | User-ID | Content-ID | Device-ID VM-Series Virtual Next-Generation Firewall App-ID | User-ID | Content-ID | Device-ID CN-Series Containerized Next-Generation Firewall App-ID | User-ID | Content-ID | Device-ID Panorama Firewall Management Cloud-Delivered Security Services DNS Security Advanced Threat Prevention Advanced URL Filtering WildFire IoT Security GlobalProtect SD-WAN Data Loss Prevention Prisma SaaS DNS Attack Prevention Exploit, Malware, C2 Prevention Malicious Site & Phishing Prevention Malware Prevention Enterprise IoT Security Mobile User Security Secure Branch Connectivity Data Protection & Compliance In-line & API SaaS Application Security Prisma Access Secure Access Service Edge FWaaS | Secure Web Gateway | Zero Trust Network Access Prisma Cloud Cloud Native Security Platform Cloud Security Posture Management | Cloud Workload Protection | Cloud Network Security | Cloud Infrastructure Entitlement Management Cortex XDR Extended Detection and Response Endpoint Threat Prevention | Endpoint Detection & Response | Behavioral Analytics | Managed Detection & Response Cortex XSOAR Extended Security Orchestration, Automation and Response Security Orchestration, Automation & Response | Threat Intelligence Management Prisma SD-WAN Next-Generation SD-WAN SD-WAN Cortex Xpanse Attack Surface Management Internet-Connected Asset Discovery & Mitigation
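
The point made on slide 13, that address-based rules stop tracking people once addresses change, worked through as an added Python example (not part of the presentation and not Palo Alto Networks code). The user names, addresses, lease tables and evaluation functions are constructed for illustration; only the zone, group and application names mirror the slide's table.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample data (not from the slides): users, groups, DHCP leases.
GROUPS = {"alice": {"Employee", "NY-Finance-Analysts"}, "bob": {"Employee"}}
LEASES_DAY1 = {"10.1.20.15": "alice", "10.1.20.16": "bob"}
LEASES_DAY2 = {"10.1.20.15": "bob", "10.1.20.16": "alice"}  # leases swapped

FIN_APP = "Internal Financial Apps"
ZONES = frozenset({"HQ Zone", "GP Zone"})

# "Before": the intent "finance analysts may reach the financial apps" was
# frozen into the address alice happened to hold when the rule was written.
IP_RULES = [("permit", ip_network("10.1.20.15/32"), FIN_APP)]


@dataclass(frozen=True)
class UserRule:
    """One row of the "after" table: zone, user group, zone, application."""
    src_zones: frozenset
    group: str
    dst_zone: str
    app: str


USER_RULES = [
    UserRule(ZONES, "Employee", "Internet Zone", "Sanctioned SaaS"),
    UserRule(ZONES, "NY-Finance-Analysts", "Financial Servers-NY", FIN_APP),
]


def ip_decision(src_ip, app):
    """First-match evaluation on source address only; default deny."""
    for action, net, rule_app in IP_RULES:
        if ip_address(src_ip) in net and app == rule_app:
            return action
    return "deny"


def user_decision(leases, src_ip, src_zone, dst_zone, app):
    """Resolve the address to its current user, then match on group membership."""
    user = leases.get(src_ip)  # unknown address -> no identity -> deny
    groups = GROUPS.get(user, set())
    for rule in USER_RULES:
        if (src_zone in rule.src_zones and rule.group in groups
                and dst_zone == rule.dst_zone and app == rule.app):
            return "allow"
    return "deny"


def drift(leases):
    """Addresses where the static ACL and the identity-based policy disagree."""
    out = {}
    for ip, user in sorted(leases.items()):
        acl = ip_decision(ip, FIN_APP)
        uid = user_decision(leases, ip, "HQ Zone", "Financial Servers-NY", FIN_APP)
        if (acl == "permit") != (uid == "allow"):
            out[ip] = (user, acl, uid)
    return out


if __name__ == "__main__":
    print("day 1:", drift(LEASES_DAY1))
    print("day 2:", drift(LEASES_DAY2))
```

After the lease swap the static ACL admits the wrong person and blocks the right one, while the identity-based rules give the same answer on both days. Running a comparison like `drift` against real lease or authentication logs is one way to find ACL entries that no longer match their original intent.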

Editor's Notes

  1. Multi-extortion techniques where attackers not only encrypt the files of an organization, but also name and shame the victims and/or threaten to launch additional attacks (e.g., distributed denial of service, known as DDoS) to encourage victims to pay more quickly. In 2021, the names and proof of compromise for 2,566 victims were publicly posted on ransomware leak sites, marking an 85% increase compared to 2020. Extremely prolific ransomware-as-a-service (RaaS) business models, which offer “startup kits” and “support services” to would-be cybercriminals, significantly lowering the technical barrier to entry and accelerating the speed with which attacks can be introduced and spread. Rapid weaponization of vulnerabilities. For example, major ransomware gangs quickly exploited CVE-2021-44228, commonly referred to as Log4Shell. It is highly likely that as long as organizations fail to patch known critical vulnerabilities, attackers will exploit them to their advantage.
  2. With the convergence of IT and OT at an accelerated pace and the integrations being more profound and more complex, the need for organizations to adopt a cybersecurity framework designed for OT, such as ISA/IEC 62443, is no longer optional (see figure 3). ISA/IEC 62443 is a flexible framework that addresses and mitigates current and future security vulnerabilities in IACS regardless of industry, making it an integral component of the U.S. Cybersecurity Framework.