SlideShare ist ein Scribd-Unternehmen logo

SIEM & IAM

•
•
Getting value from IoT, Integration and Data Analytics
Getting value from IoT, Integration and Data Analytics

Deze presentatie gaat over de integratie van SIEM (Security Incident en Event Management) en IAM (Identity en Access Management). SIEM geeft inzicht in de activiteiten van gebruikers, maar ontbeert de kennis van access en entitlement policies om beveiligingsincidenten in hun context te kunnen plaatsen. IAM heeft juist veel kennis van access en entitlement policies maar biedt geen goed inzicht in de daadwerkelijke activiteiten van gebruikers. Een goede integratie van deze twee technologieën stelt SIEM in staat de juiste exception monitoring te doen en IAM om op basis van handelingen van gebruikers Access en Entitlement Policies scherper bij te stellen en af te dwingen.

Technologie
1 von 13
Identity & Access Management Congres, Heliview André van Winssen, 28 mei 2013 SIEM & IAM
2 Who am I • André van Winssen • 20+ years in IT • Oracle and Security consultant • Sometimes too involved in application projects – but then I don’t mind
Company profile • Actief vanaf 1991 • Financieel gezond • 95 medewerkers • + 100 projecten succesvol • + 1000 jr Oracle en Java kennis • 3 ACE Directors en 2 ACEs aan boord • 2 Agile Masters • Oracle Platinum partner – Database - BPM – SOA - OEM – ADF - Webcenter
4 • The Changing Enterprise Security Model • Current IT initiatives
5 SIEM • SIM - Security Information Management – Analysis & compliance reporting of log data – Long term storage of this information • SEM - Security Event Management – Real-time analysis, monitoring & notification – Networks, security-devices, systems, applications, databases • SIEM - Security Information & Event Management – Compliance – Threat Management – Incident Response
6 SIEM strength • User activity • Access monitoring • Collection of critical log data • Identification of IS threats & responses • Broad based monitoring of security events
7 IAM • Identity Access Management • Initiate, capture, record, manage – User identities – Access permissions • IAM Policy describes – How to Authenticate – Authorizations – What to Audit
8 IAM strength • Acces control – Applications & Data • Entitlement management – Fine-grained access to • Structured/unstructured data, devices & services • User and role provisioning – Provision & deprovision – Role engineering/role mining • Context based – Circumstantial factors (time, IP, application)
9 Technology integration • SIEM consumes IAM data – For exception monitoring it needs some IAM policy context • IAM consumes SIEM data – Adjust access when SIEM detects abuse of privileges • Security intelligence
10 Technology integration • Self-integrated – Enterprise Integrated – Combine best of breed – a point solution • Vendor integrated – Platform approach – Burden of integration to vendor – More value for money
11 Oracle • Where is Oracle in SIEM-IAM integration? – Ad hoc interfacing IAM audit data with SIEM • FMW audit framework • Database auditing • Oracle API gateway • Oracle Platform Security Services • Oracle Database Firewall Integration with Arcsight SIEM • Adaptive Access management • real-time (online) and batch (offline) risk analytics • Automated behavioral profiler • Configurable decision engine (for non-IT personnel) • Device fingerprinting
12 Q & A
SIEM & IAM

Empfohlen

Clover Infotech Corporate PPT
Clover Infotech Corporate PPTClover Infotech Corporate PPT
Clover Infotech Corporate PPTSwetha Elias
 
Migrating Oracle Databases to AWS
Migrating Oracle Databases to AWSMigrating Oracle Databases to AWS
Migrating Oracle Databases to AWSAWS Germany
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security ArchitecturePriyanka Aash
 
SAP grc
SAP grc SAP grc
SAP grc smadhu29
 
Modernize your Microsoft Applications on AWS
Modernize your Microsoft Applications on AWSModernize your Microsoft Applications on AWS
Modernize your Microsoft Applications on AWSAmazon Web Services
 
E-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudE-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudKeith Kiattipong
 
AWS Cloud Assessment
AWS Cloud AssessmentAWS Cloud Assessment
AWS Cloud AssessmentMichael Cronan
 
EHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTION
EHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTIONEHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTION
EHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTIONLennart Winqvist
 

Empfohlen

Clover Infotech Corporate PPT
Clover Infotech Corporate PPTClover Infotech Corporate PPT
Clover Infotech Corporate PPTSwetha Elias
 
Migrating Oracle Databases to AWS
Migrating Oracle Databases to AWSMigrating Oracle Databases to AWS
Migrating Oracle Databases to AWSAWS Germany
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security ArchitecturePriyanka Aash
 
SAP grc
SAP grc SAP grc
SAP grc smadhu29
 
Modernize your Microsoft Applications on AWS
Modernize your Microsoft Applications on AWSModernize your Microsoft Applications on AWS
Modernize your Microsoft Applications on AWSAmazon Web Services
 
E-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudE-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudKeith Kiattipong
 
AWS Cloud Assessment
AWS Cloud AssessmentAWS Cloud Assessment
AWS Cloud AssessmentMichael Cronan
 
EHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTION
EHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTIONEHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTION
EHSM PUBLIC SECTOR CASE MANAGEMENT SOLUTIONLennart Winqvist
 
Breaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoBreaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoAmazon Web Services
 
MSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
MSP Best Practice | Using Strategic IT Roadmaps to Get More ContractsMSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
MSP Best Practice | Using Strategic IT Roadmaps to Get More ContractsDavid Castro
 
Oracle apps
Oracle appsOracle apps
Oracle apps Krishna Chaytaniah
 
Breaking Down the Economics and TCO of Migrating to AWS
Breaking Down the Economics and TCO of Migrating to AWSBreaking Down the Economics and TCO of Migrating to AWS
Breaking Down the Economics and TCO of Migrating to AWSAmazon Web Services
 
OpenText Cloud Managed Services
OpenText Cloud Managed ServicesOpenText Cloud Managed Services
OpenText Cloud Managed ServicesOpenText
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?PECB
 
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...Amazon Web Services
 
Storwize v5000
Storwize v5000Storwize v5000
Storwize v5000liembkeb
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYMaganathin Veeraragaloo
 
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyPerform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyAmazon Web Services
 
Making a cloud first strategy a practical reality
Making a cloud first strategy a practical realityMaking a cloud first strategy a practical reality
Making a cloud first strategy a practical realityAmazon Web Services
 
sap-overview.ppt
sap-overview.pptsap-overview.ppt
sap-overview.pptRamaKrishnaErroju
 
iPaaS: A platform for Integration technology convergence
iPaaS: A platform for Integration technology convergenceiPaaS: A platform for Integration technology convergence
iPaaS: A platform for Integration technology convergenceRaveendra Babu Darsi
 
ISMS Requirements
ISMS RequirementsISMS Requirements
ISMS Requirementshumanus2
 
Modelling Security Architecture
Modelling Security ArchitectureModelling Security Architecture
Modelling Security Architecturenarenvivek
 
WebSphere Application Server Family (Editions Comparison)
WebSphere Application Server Family (Editions Comparison)WebSphere Application Server Family (Editions Comparison)
WebSphere Application Server Family (Editions Comparison)ejlp12
 
E-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachE-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachFemi Ashaye
 
Sap PdMS Predictive Maintenance Service
Sap PdMS Predictive Maintenance ServiceSap PdMS Predictive Maintenance Service
Sap PdMS Predictive Maintenance ServiceBranding Maintenance
 
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Amazon Web Services
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Sverige
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0Rasmi Swain
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterForgeRock
 

Weitere ähnliche Inhalte

Was ist angesagt?

Breaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoBreaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoAmazon Web Services
 
MSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
MSP Best Practice | Using Strategic IT Roadmaps to Get More ContractsMSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
MSP Best Practice | Using Strategic IT Roadmaps to Get More ContractsDavid Castro
 
Breaking Down the Economics and TCO of Migrating to AWS
Breaking Down the Economics and TCO of Migrating to AWSBreaking Down the Economics and TCO of Migrating to AWS
Breaking Down the Economics and TCO of Migrating to AWSAmazon Web Services
 
OpenText Cloud Managed Services
OpenText Cloud Managed ServicesOpenText Cloud Managed Services
OpenText Cloud Managed ServicesOpenText
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?PECB
 
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...Amazon Web Services
 
Storwize v5000
Storwize v5000Storwize v5000
Storwize v5000liembkeb
 
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyPerform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyAmazon Web Services
 
Making a cloud first strategy a practical reality
Making a cloud first strategy a practical realityMaking a cloud first strategy a practical reality
Making a cloud first strategy a practical realityAmazon Web Services
 
iPaaS: A platform for Integration technology convergence
iPaaS: A platform for Integration technology convergenceiPaaS: A platform for Integration technology convergence
iPaaS: A platform for Integration technology convergenceRaveendra Babu Darsi
 
ISMS Requirements
ISMS RequirementsISMS Requirements
ISMS Requirementshumanus2
 
Modelling Security Architecture
Modelling Security ArchitectureModelling Security Architecture
Modelling Security Architecturenarenvivek
 
WebSphere Application Server Family (Editions Comparison)
WebSphere Application Server Family (Editions Comparison)WebSphere Application Server Family (Editions Comparison)
WebSphere Application Server Family (Editions Comparison)ejlp12
 
E-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachE-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachFemi Ashaye
 
Sap PdMS Predictive Maintenance Service
Sap PdMS Predictive Maintenance ServiceSap PdMS Predictive Maintenance Service
Sap PdMS Predictive Maintenance ServiceBranding Maintenance
 
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Amazon Web Services
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Sverige
 

Was ist angesagt? (20)

Breaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoBreaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - Toronto
 
MSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
MSP Best Practice | Using Strategic IT Roadmaps to Get More ContractsMSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
MSP Best Practice | Using Strategic IT Roadmaps to Get More Contracts
 
Oracle apps
Oracle appsOracle apps
Oracle apps
 
Breaking Down the Economics and TCO of Migrating to AWS
Breaking Down the Economics and TCO of Migrating to AWSBreaking Down the Economics and TCO of Migrating to AWS
Breaking Down the Economics and TCO of Migrating to AWS
 
OpenText Cloud Managed Services
OpenText Cloud Managed ServicesOpenText Cloud Managed Services
OpenText Cloud Managed Services
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?
 
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
How a Global Healthcare Company Built a Migration Factory to Quickly Move Tho...
 
Storwize v5000
Storwize v5000Storwize v5000
Storwize v5000
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own CompanyPerform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own Company
 
Making a cloud first strategy a practical reality
Making a cloud first strategy a practical realityMaking a cloud first strategy a practical reality
Making a cloud first strategy a practical reality
 
sap-overview.ppt
sap-overview.pptsap-overview.ppt
sap-overview.ppt
 
iPaaS: A platform for Integration technology convergence
iPaaS: A platform for Integration technology convergenceiPaaS: A platform for Integration technology convergence
iPaaS: A platform for Integration technology convergence
 
ISMS Requirements
ISMS RequirementsISMS Requirements
ISMS Requirements
 
Modelling Security Architecture
Modelling Security ArchitectureModelling Security Architecture
Modelling Security Architecture
 
WebSphere Application Server Family (Editions Comparison)
WebSphere Application Server Family (Editions Comparison)WebSphere Application Server Family (Editions Comparison)
WebSphere Application Server Family (Editions Comparison)
 
E-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachE-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture Approach
 
Sap PdMS Predictive Maintenance Service
Sap PdMS Predictive Maintenance ServiceSap PdMS Predictive Maintenance Service
Sap PdMS Predictive Maintenance Service
 
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
Migrating Enterprise Applications to AWS: Best Practices & Techniques (ENT303...
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access Manager
 

Ă„hnlich wie SIEM & IAM

SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0Rasmi Swain
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterForgeRock
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber SecurityVivianMarcello3
 
Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSLahav Savir
 
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMindSpider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMindTzoori Tamam
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019Identity Defined Security Alliance
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudAmazon Web Services
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloudAjay Rathi
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlAlgoSec
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetPerforce
 
Big Data For Threat Detection & Response
Big Data For Threat Detection & ResponseBig Data For Threat Detection & Response
Big Data For Threat Detection & ResponseHarry McLaren
 
Security Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali AhangariSecurity Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali AhangariAli Ahangari
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostPrecisely
 

Ă„hnlich wie SIEM & IAM (20)

SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over Perimeter
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber Security
 
Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWS
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMindSpider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
 
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS Cloud
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applications
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud Security
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. Control
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEM
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and Interset
 
Big Data For Threat Detection & Response
Big Data For Threat Detection & ResponseBig Data For Threat Detection & Response
Big Data For Threat Detection & Response
 
Security Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali AhangariSecurity Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali Ahangari
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter Most
 

Mehr von Getting value from IoT, Integration and Data Analytics

Mehr von Getting value from IoT, Integration and Data Analytics (20)

AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...
AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...
AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaS
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaSAMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaS
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaS
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: DataAMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure
 
10 tips voor verbetering in je Linkedin profiel
10 tips voor verbetering in je Linkedin profiel10 tips voor verbetering in je Linkedin profiel
10 tips voor verbetering in je Linkedin profiel
 
Iot in de zorg the next step - fit for purpose
Iot in de zorg the next step - fit for purpose Iot in de zorg the next step - fit for purpose
Iot in de zorg the next step - fit for purpose
 
Iot overview .. Best practices and lessons learned by Conclusion Conenct
Iot overview .. Best practices and lessons learned by Conclusion Conenct Iot overview .. Best practices and lessons learned by Conclusion Conenct
Iot overview .. Best practices and lessons learned by Conclusion Conenct
 
IoT Fit for purpose - how to be successful in IOT Conclusion Connect
IoT Fit for purpose - how to be successful in IOT Conclusion Connect IoT Fit for purpose - how to be successful in IOT Conclusion Connect
IoT Fit for purpose - how to be successful in IOT Conclusion Connect
 
Industry and IOT Overview of protocols and best practices Conclusion Connect
Industry and IOT Overview of protocols and best practices Conclusion ConnectIndustry and IOT Overview of protocols and best practices Conclusion Connect
Industry and IOT Overview of protocols and best practices Conclusion Connect
 
IoT practical case using the people counter sensing traffic density build usi...
IoT practical case using the people counter sensing traffic density build usi...IoT practical case using the people counter sensing traffic density build usi...
IoT practical case using the people counter sensing traffic density build usi...
 
R introduction decision_trees
R introduction decision_treesR introduction decision_trees
R introduction decision_trees
 
Introduction overviewmachinelearning sig Door Lucas Jellema
Introduction overviewmachinelearning sig Door Lucas JellemaIntroduction overviewmachinelearning sig Door Lucas Jellema
Introduction overviewmachinelearning sig Door Lucas Jellema
 
IoT and the Future of work
IoT and the Future of work IoT and the Future of work
IoT and the Future of work
 
Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)
Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)
Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)
 
Ethereum smart contracts - door Peter Reitsma
Ethereum smart contracts - door Peter ReitsmaEthereum smart contracts - door Peter Reitsma
Ethereum smart contracts - door Peter Reitsma
 
Blockchain - Techniek en usecases door Robert van Molken - AMIS - Conclusion
Blockchain - Techniek en usecases door Robert van Molken - AMIS - ConclusionBlockchain - Techniek en usecases door Robert van Molken - AMIS - Conclusion
Blockchain - Techniek en usecases door Robert van Molken - AMIS - Conclusion
 
kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion
kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion
kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion
 
Internet of Things propositie - Enterprise IOT - AMIS - Conclusion
Internet of Things propositie - Enterprise IOT - AMIS - Conclusion Internet of Things propositie - Enterprise IOT - AMIS - Conclusion
Internet of Things propositie - Enterprise IOT - AMIS - Conclusion
 
Omc AMIS evenement 26012017 Dennis van Soest
Omc AMIS evenement 26012017 Dennis van SoestOmc AMIS evenement 26012017 Dennis van Soest
Omc AMIS evenement 26012017 Dennis van Soest
 

KĂĽrzlich hochgeladen

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 

KĂĽrzlich hochgeladen (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 

SIEM & IAM

  • 1. Identity & Access Management Congres, Heliview AndrĂ© van Winssen, 28 mei 2013 SIEM & IAM
  • 2. 2 Who am I • AndrĂ© van Winssen • 20+ years in IT • Oracle and Security consultant • Sometimes too involved in application projects – but then I don’t mind
  • 3. Company profile • Actief vanaf 1991 • Financieel gezond • 95 medewerkers • + 100 projecten succesvol • + 1000 jr Oracle en Java kennis • 3 ACE Directors en 2 ACEs aan boord • 2 Agile Masters • Oracle Platinum partner – Database - BPM – SOA - OEM – ADF - Webcenter
  • 4. 4 • The Changing Enterprise Security Model • Current IT initiatives
  • 5. 5 SIEM • SIM - Security Information Management – Analysis & compliance reporting of log data – Long term storage of this information • SEM - Security Event Management – Real-time analysis, monitoring & notification – Networks, security-devices, systems, applications, databases • SIEM - Security Information & Event Management – Compliance – Threat Management – Incident Response
  • 6. 6 SIEM strength • User activity • Access monitoring • Collection of critical log data • Identification of IS threats & responses • Broad based monitoring of security events
  • 7. 7 IAM • Identity Access Management • Initiate, capture, record, manage – User identities – Access permissions • IAM Policy describes – How to Authenticate – Authorizations – What to Audit
  • 8. 8 IAM strength • Acces control – Applications & Data • Entitlement management – Fine-grained access to • Structured/unstructured data, devices & services • User and role provisioning – Provision & deprovision – Role engineering/role mining • Context based – Circumstantial factors (time, IP, application)
  • 9. 9 Technology integration • SIEM consumes IAM data – For exception monitoring it needs some IAM policy context • IAM consumes SIEM data – Adjust access when SIEM detects abuse of privileges • Security intelligence
  • 10. 10 Technology integration • Self-integrated – Enterprise Integrated – Combine best of breed – a point solution • Vendor integrated – Platform approach – Burden of integration to vendor – More value for money
  • 11. 11 Oracle • Where is Oracle in SIEM-IAM integration? – Ad hoc interfacing IAM audit data with SIEM • FMW audit framework • Database auditing • Oracle API gateway • Oracle Platform Security Services • Oracle Database Firewall Integration with Arcsight SIEM • Adaptive Access management • real-time (online) and batch (offline) risk analytics • Automated behavioral profiler • Configurable decision engine (for non-IT personnel) • Device fingerprinting