© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
How to Turbocharge Your Cyber Security Incident Response With Automation
February 24, 2016, starting at 12:00pm EST / 9:00am PST
Today’s webinar will be presented by:
• Guy Nadivi, Director, Business Development
• Sharon Cohen, CISM, IT & Security Professional Services Manager
Company Background
• Leading innovator of IT Process Automation Software
• Founded in 2007, Headquarters in New York
• Product first launched in 2009
• Flagship product: eyeShare™ IT Process Automation v4.7.3
• Eric Benhamou, former CEO of 3Com and Palm, BGV currently
Sample of eyeShare Users
Agenda
#1 Why you should automate Cyber Security Incident Response
#2 The concerns of running automation in Cyber Security Incident Response
#3 A real life scenario of automating Incident Response
What Is A Cyber Security Incident Response?
An organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
source: searchsecurity.techtarget.com/definition/incident-response
What Is A Cyber Security Incident Response?
source: Gartner - "Top Security Trends for 2016-2017"
Why Automate Cyber Security Incident Response?
“71% of represented organizations experienced at least one successful
cyberattack in the preceding 12 months (up from 62% the year prior)”.
source: 2015 Cyberthreat Defense Report from the CyberEdge Group
205 - median number of days that threat groups were present on a victim’s
network before detection (Longest Presence: 2,287 days)
source: "Beyond the Breach" - Mandiant 2015 Malware Report
Malicious cyber attacks cost US$300 Billion to US$1 Trillion a year!
source: "THE ECONOMIC IMPACT OF CYBERCRIME AND CYBER ESPIONAGE Report" -
Center for Strategic and International Studies July 2013
Why Automate Cyber Security Incident Response?
“By 2019, 40% of large enterprises will require specialized,
automated tools to meet regulatory obligations in the
event of a serious information security incident.”
source: Gartner
Why Automate Cyber Security Incident Response?
Lack of qualified staff
Lack of necessary expertise
People don’t scale very well
Why Automate Cyber Security Incident Response?
When it comes to remediating security breaches,
automation is a force multiplier
Concerns About Automating Cyber Security Incident Response
Too Many False Positives In Security
Concerns About Automating Cyber Security Incident Response
In Security (& elsewhere) False Positives Are Distressing
Automating Cyber Security Incident Response
A security playbook is a customizable template for specific cyber security
incidents, that streamlines an organization's response procedures using best
practices.
Playbook
Ayehu Case Study
Dual Logins By The Same Individual From Different Locations
• A user logs in from one location.
• The same user then logs in 15 minutes later from another
location 30 miles away.
• Is the first login legitimate, but the second one fraudulent? Or
is it the other way around? Maybe they’re both fraudulent?
• How do you automate the process of determining which login
(if any) is legitimate?
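One way to automate the dual-login check described above, as an added example that is not from the webinar or from eyeShare: it flags login pairs whose implied travel speed is implausible, then compares each login with the user's known sites to choose a response. The speed threshold, site radius, action names and sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, inf, radians, sin, sqrt

EARTH_RADIUS_MILES = 3958.8
MAX_PLAUSIBLE_MPH = 100.0       # assumption: tune to your users' real travel
KNOWN_SITE_RADIUS_MILES = 5.0   # assumption: tolerance around a known site


@dataclass(frozen=True)
class Login:
    user: str
    when: datetime
    lat: float
    lon: float


def miles_between(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in miles."""
    p1, p2 = radians(lat1), radians(lat2)
    h = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(lon2 - lon1) / 2) ** 2
    return 2 * EARTH_RADIUS_MILES * asin(min(1.0, sqrt(h)))


def implied_mph(a, b):
    """Speed the user would need to make both logins in person."""
    miles = miles_between(a.lat, a.lon, b.lat, b.lon)
    hours = abs((b.when - a.when).total_seconds()) / 3600
    if hours == 0:  # simultaneous logins: any distance is impossible
        return inf if miles > 0 else 0.0
    return miles / hours


def find_dual_logins(events, max_mph=MAX_PLAUSIBLE_MPH):
    """Return consecutive login pairs per user that exceed max_mph."""
    by_user = {}
    for e in sorted(events, key=lambda e: e.when):
        by_user.setdefault(e.user, []).append(e)
    return [(a, b) for logins in by_user.values()
            for a, b in zip(logins, logins[1:]) if implied_mph(a, b) > max_mph]


def at_known_site(login, known_sites):
    return any(miles_between(login.lat, login.lon, lat, lon) <= KNOWN_SITE_RADIUS_MILES
               for lat, lon in known_sites.get(login.user, []))


def triage(first, second, known_sites):
    """Map the slide's three questions (plus the false-positive case) to an action.
    Action names are hypothetical playbook steps, not eyeShare activities."""
    ok1, ok2 = at_known_site(first, known_sites), at_known_site(second, known_sites)
    if ok1 and ok2:
        return "log_only"          # both sites known: likely VPN or geo-IP error
    if ok1:
        return "challenge_second"  # second session must re-authenticate
    if ok2:
        return "challenge_first"
    return "challenge_both"


def run_playbook(events, known_sites):
    return [(a.user, round(implied_mph(a, b), 1), triage(a, b, known_sites))
            for a, b in find_dual_logins(events)]


# Constructed sample data: OFFICE and a point 30 miles due north of it.
OFFICE, NORTH, FAR = (40.7128, -74.0060), (41.1470, -74.0060), (34.0522, -118.2437)
T0, T15, T90 = (datetime(2016, 2, 24, 9, 0), datetime(2016, 2, 24, 9, 15),
                datetime(2016, 2, 24, 10, 30))
KNOWN_SITES = {"alice": [OFFICE], "bob": [OFFICE], "carol": [OFFICE],
               "dave": [OFFICE, NORTH]}
EVENTS = [
    Login("alice", T0, *OFFICE), Login("alice", T15, *NORTH),  # 30 miles in 15 min
    Login("bob", T0, *OFFICE), Login("bob", T90, *NORTH),      # 30 miles in 90 min
    Login("carol", T0, *FAR), Login("carol", T15, *NORTH),     # neither site known
    Login("dave", T0, *OFFICE), Login("dave", T15, *NORTH),    # both sites known
]

if __name__ == "__main__":
    for user, mph, action in run_playbook(EVENTS, KNOWN_SITES):
        print(f"{user}: implied {mph} mph -> {action}")
```

Location alone cannot prove which session is fraudulent, so every branch except `log_only` asks the user to re-authenticate rather than blocking outright.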
Sharon Cohen
Demo
Top 3 Features
• No Programming!
• No Agents!
Top 3 Benefits
Automation enables better preparation
• Simulate & test multiple scenarios in advance of an attack
• Validates playbooks
• Fast response, errors reduced, documented properly, people notified
Automation enables 24/7 Coverage
• SOCs are rarely manned around the clock with security experts
• Enables fast, best practice responses no matter who’s on duty any time of day
Rapid Containment, Eradication, & Recovery
• Malware
• Evidence
• Vulnerabilities
• Operational
Ask Us Anything
Please send any follow up questions to:
Guy Nadivi
guy@ayehu.com
www.ayehu.com
Go To ayehu.com
Free trial version of eyeShare!
