IBM Security Systems




Take the Red Pill: Becoming One
with Your Computing Environment
using Security Intelligence

Chris Poulin
Security Strategist, IBM


Reboot Privacy & Security
Conference 2013
© 2012 IBM Corporation


Securing Information Resources is a Multi-Dimensional Puzzle

    People:         Employees, Consultants, Hackers, Terrorists, Outsourcers, Customers, Suppliers
    Data:           Structured, Unstructured, At rest, In motion
    Applications:   Systems applications, Web applications, Web 2.0, Mobile applications
    Infrastructure

    It is no longer possible to define and protect the perimeter; the situation demands a focus on
    protecting data. Point products are not sufficient to protect the enterprise.



Getting Intimate with Your Computing Environment
    How well do you know:
     Applications? Owners? Activity patterns?
     Where sensitive data resides?
     Network activity patterns?






Why Take the Red Pill?




                           What’s normal? What’s suspect?


How to Get There: Security Intelligence



    Data sources:
      • Users & Identities
      • Security Devices
      • Servers & Hosts
      • Network & Virtual Activity
      • Vulnerability Info
      • Application Activity
      • Database Activity
      • Configuration Info

    Event Correlation
      • Logs
      • Flows
      • IP Reputation
      • Geo Location

    Activity Baselining & Anomaly Detection
      • User Activity
      • Database Activity
      • Application Activity
      • Network Activity

    Offense Identification
      • Credibility
      • Severity
      • Relevance

    Suspected Incidents

    Extensive Data Sources + Deep Intelligence = Exceptionally Accurate and Actionable Insight




What is Security Intelligence?



                           Security Intelligence
                           --noun
                           1. the real-time collection, normalization, and analytics of the
                            data generated by users, applications and infrastructure that
                            impacts the IT security and risk posture of an enterprise




                 Security Intelligence provides actionable and comprehensive
                  insight for managing risks and threats from protection and
                                  detection through remediation




Activity and Data Access Monitoring

                                                                   Visualize Data Risks
                                                                   Automated charting and reporting
                                                                   on potential attacks




    Correlate System, Application,
    & Network Activity
    Enrich security alerts with anomaly
    detection and flow analysis




                       Detect suspicious activity before it leads to a breach
       360-degree visibility helps distinguish true breaches from benign activity, in real time


Top Events by Log Type and Count






Top Flows by Application and Total Bytes






…and Bottom Flows






Data Leakage

                            Who is responsible for the data leak?




                                        Alert on data patterns, such as credit
                                        card number, in real time.






Passively Discover & Profile Assets with NetFlow & QFlow






Enrich the Asset Database with VA Scans, Manually, CMDB Import






Update Rules Automatically






Customize Your Network Landscape for Contextual Visibility




                            Customize Segment & System
                            Names for Quick Identification






Pivot by Geography






Dashboards & Reporting, Customized per Role






User Activity Monitoring to Combat Advanced Persistent Threats

                                               User & Application
                                               Activity Monitoring alerts
                                               on a user anomaly for
                                               Oracle database access.



                                               Identify the user, normal
                                               access behavior, and the
                                               anomaly behavior – with
                                               all source & destination
                                               information to quickly
                                               resolve the threat.






Baselining Complex Patterns



     Complex patterns can be baselined
     Anomalies take into account historical data—continuously
     May incorporate seasonality
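
One way to baseline a seasonal pattern, as an added example that is not from the original slides or from any IBM product: each hour of the week gets its own median/MAD baseline that keeps learning from new observations. The event counts, the thresholds and the names `SeasonalBaseline` and `constructed_history` are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from statistics import median


class SeasonalBaseline:
    """Hour-of-week baseline (median/MAD) that is updated on every observation."""

    def __init__(self, weeks_kept=8, threshold=4.0, min_samples=4, min_scale=5.0):
        # One short rolling history per (weekday, hour) "season".
        self.samples = defaultdict(lambda: deque(maxlen=weeks_kept))
        self.threshold = threshold      # robust z-score that raises an alert
        self.min_samples = min_samples  # stay silent until a season has history
        self.min_scale = min_scale      # absolute noise floor, in events per hour

    @staticmethod
    def season(ts):
        return ts.weekday(), ts.hour

    def score(self, ts, value):
        """Robust z-score of value against the same hour in earlier weeks."""
        hist = self.samples.get(self.season(ts), ())
        if len(hist) < self.min_samples:
            return None
        centre = median(hist)
        mad = median(abs(v - centre) for v in hist)
        # Floors keep a very quiet season from alerting on tiny fluctuations.
        scale = max(1.4826 * mad, 0.05 * abs(centre), self.min_scale)
        return (value - centre) / scale

    def observe(self, ts, value):
        """Score first, then learn. Anomalous values are not learned, so a
        burst of abnormal activity cannot drag the baseline towards itself."""
        s = self.score(ts, value)
        anomalous = s is not None and abs(s) > self.threshold
        if not anomalous:
            self.samples[self.season(ts)].append(value)
        return anomalous, s


START = datetime(2013, 1, 7)  # a Monday


def constructed_history(weeks=6):
    """Constructed hourly database-query counts for one account:
    about 200 per hour on weekdays 09:00-18:00, about 5 per hour otherwise."""
    for h in range(weeks * 7 * 24):
        ts = START + timedelta(hours=h)
        busy = ts.weekday() < 5 and 9 <= ts.hour < 18
        noise = (h * 7) % 11 - 5  # deterministic stand-in for noise, -5..5
        yield ts, max(0, (200 if busy else 5) + noise)


def run_baseline_example():
    baseline = SeasonalBaseline()
    training_alerts = sum(baseline.observe(ts, n)[0] for ts, n in constructed_history())
    tuesday_10 = START + timedelta(weeks=6, days=1, hours=10)
    sunday_03 = START + timedelta(weeks=6, days=6, hours=3)
    # The same count of 180 is ordinary on Tuesday morning and far outside
    # the norm on Sunday at 03:00; a single static threshold cannot say both.
    return {
        "training_alerts": training_alerts,
        "tuesday_10h_180": baseline.observe(tuesday_10, 180),
        "sunday_03h_180": baseline.observe(sunday_03, 180),
    }


if __name__ == "__main__":
    for name, result in run_baseline_example().items():
        print(name, result)
```
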






Configuration & Risk

                            Network topology and open
                            paths of attack add context


                            Rules can take exposure
                            into account to:
                            • Prioritize offenses and
                              remediation
                            • Enforce policies
                            • Play out what-if scenarios






Security Intelligence Timeline




                Prediction & Prevention                            Reaction & Remediation
             Risk Management. Vulnerability Management.          SIEM. Log Management. Incident Response.
              Configuration Monitoring. Patch Management.          Network and Host Intrusion Prevention.
               X-Force Research and Threat Intelligence.        Network Anomaly Detection. Packet Forensics.
           Compliance Management. Reporting and Scorecards.   Database Activity Monitoring. Data Loss Prevention.






Security Intelligence Wrap-Up
       Monitor all activity and correlate in real time
       Reduce cost & complexity, lower TCO, compliance
       Detect policy violations
          Baseline against reality (CMDB)
          Social media, P2P, etc.
       Detect suspicious behavior
          Privileged actions from a contractor’s workstation
          DNS communications with external system
       Detect APTs
          File accesses out of the norm—behavior anomaly detection
          Least used applications or external systems; occasional traffic
       Detect fraud
          Baseline credit pulls or trading volumes, and detect anomalies
          Correlate eBanking PIN change with large money transfers
       Forensic evidence for prosecution
       Impact analysis
       Change & configuration management
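
The PIN-change and money-transfer correlation from the fraud bullet above, as an added example that is not from the original slides or from any IBM product: records from two differently formatted sources are normalized to one event shape, then a transfer at or above a limit is matched to a PIN change on the same account within a time window. The log formats, account numbers, the 24-hour window and the 5000 limit are constructed assumptions.

```python
from datetime import datetime, timedelta
from typing import NamedTuple

# Constructed sample records from two hypothetical sources with different formats.
AUTH_LOG = """\
2013-03-04T09:12:00 acct=1001 action=PIN_CHANGE ip=198.51.100.7
2013-03-04T10:00:00 acct=1002 action=LOGIN ip=192.0.2.10
2013-03-01T08:00:00 acct=1003 action=PIN_CHANGE ip=192.0.2.44
"""
PAYMENTS_CSV = """\
2013-03-04 09:40:00,1001,TRANSFER,9500.00
2013-03-04 11:00:00,1002,TRANSFER,12000.00
2013-03-04 12:00:00,1003,TRANSFER,8000.00
2013-03-04 09:05:00,1001,TRANSFER,7000.00
2013-03-04 09:50:00,1001,TRANSFER,40.00
"""


class Event(NamedTuple):
    """Common shape every source is normalized into before correlation."""
    ts: datetime
    account: str
    kind: str
    amount: float = 0.0
    src_ip: str = ""


def normalize_auth(line):
    """'<iso-timestamp> key=value ...' -> Event"""
    stamp, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return Event(datetime.fromisoformat(stamp), fields["acct"],
                 fields["action"].lower(), src_ip=fields.get("ip", ""))


def normalize_payment(line):
    """'<timestamp>,<account>,<kind>,<amount>' -> Event"""
    stamp, account, kind, amount = line.split(",")
    return Event(datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S"), account,
                 kind.lower(), amount=float(amount))


def correlate(events, window=timedelta(hours=24), large=5000.0):
    """Return one offense per large transfer that follows a PIN change on the
    same account within the window. Events are sorted first because separate
    sources rarely deliver their records in global time order."""
    last_pin_change = {}
    offenses = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "pin_change":
            last_pin_change[ev.account] = ev
        elif ev.kind == "transfer" and ev.amount >= large:
            pin = last_pin_change.get(ev.account)
            if pin is not None and ev.ts - pin.ts <= window:
                offenses.append({
                    "account": ev.account,
                    "pin_changed_at": pin.ts,
                    "pin_change_ip": pin.src_ip,
                    "transfer_at": ev.ts,
                    "amount": ev.amount,
                    "delay": ev.ts - pin.ts,
                })
    return offenses


def run_correlation_example():
    events = [normalize_auth(l) for l in AUTH_LOG.splitlines() if l.strip()]
    events += [normalize_payment(l) for l in PAYMENTS_CSV.splitlines() if l.strip()]
    return correlate(events)


if __name__ == "__main__":
    for offense in run_correlation_example():
        print(offense)
```

Only account 1001 produces an offense: its other large transfer precedes the PIN change, account 1002 never changed its PIN, and account 1003 changed it three days earlier.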



IBM’s Security Intelligence, Analytics and Big Data portfolio
  1. IBM QRadar Security Intelligence
     unified architecture for collecting, storing, analyzing and querying log, threat,
     vulnerability and risk related data

  2. IBM Big Data Platform (Streams, Big Insights, Netezza)
     addresses the speed and flexibility required for customized data exploration,
     discovery and unstructured analysis

  3. IBM i2 Analyst Notebook
     helps analysts investigate fraud by discovering patterns and trends across
     volumes of data

  4. IBM SPSS
     unified product family to help capture, predict, discover trends, and
     automatically deliver high-volume, optimized decisions





     https://www14.software.ibm.com/webapp/iwm/web/signup.do?source=swg-Tivoli_Organic&S_PKG=ov7304




                               Thank You!







                                                                     ibm.com/security




  © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is
  provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to,
  these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its
  suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials
  to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities
  referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a
  commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International
  Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of
  others.

  Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper
  access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to
  or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure
  can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will
  necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT
  THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

Cge leadership summit ibm presentation public sector analytics
 
Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public Sector
 
Investigating, Mitigating and Preventing Cyber Attacks with Security Analytics
Investigating, Mitigating and Preventing Cyber Attacks with Security AnalyticsInvestigating, Mitigating and Preventing Cyber Attacks with Security Analytics
Investigating, Mitigating and Preventing Cyber Attacks with Security Analytics
 
Reputational Risk
Reputational RiskReputational Risk
Reputational Risk
 
CEO Study Insights; Career Resiliency In Time of Change
CEO Study Insights; Career Resiliency In Time of ChangeCEO Study Insights; Career Resiliency In Time of Change
CEO Study Insights; Career Resiliency In Time of Change
 
Overview of IBM Capabilities
Overview of IBM CapabilitiesOverview of IBM Capabilities
Overview of IBM Capabilities
 
Business Process Management
Business Process ManagementBusiness Process Management
Business Process Management
 
Information Governance for Smarter Government Strategy and Solutions
Information Governance for Smarter Government Strategy and SolutionsInformation Governance for Smarter Government Strategy and Solutions
Information Governance for Smarter Government Strategy and Solutions
 
Smarter Computing Integrated Systems
Smarter Computing Integrated SystemsSmarter Computing Integrated Systems
Smarter Computing Integrated Systems
 
Smarter Software for Smarter Governments
Smarter Software for Smarter GovernmentsSmarter Software for Smarter Governments
Smarter Software for Smarter Governments
 
Perspectives and Case Studies on Effective Theatre Base Service Management
Perspectives and Case Studies on Effective Theatre Base Service ManagementPerspectives and Case Studies on Effective Theatre Base Service Management
Perspectives and Case Studies on Effective Theatre Base Service Management
 
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
Reducing IT Costs and Improving Security with Purpose Built Network AppliancesReducing IT Costs and Improving Security with Purpose Built Network Appliances
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
 
Improving Defence Program Execution
Improving Defence Program ExecutionImproving Defence Program Execution
Improving Defence Program Execution
 
A Hybrid Technology Platform for Increasing the Speed of Operational Analytics
A Hybrid Technology Platform for Increasing the Speed of Operational AnalyticsA Hybrid Technology Platform for Increasing the Speed of Operational Analytics
A Hybrid Technology Platform for Increasing the Speed of Operational Analytics
 
Social Networks the Next Emerging Spectrum in Asymmetric Warfare and Counter ...
Social Networks the Next Emerging Spectrum in Asymmetric Warfare and Counter ...Social Networks the Next Emerging Spectrum in Asymmetric Warfare and Counter ...
Social Networks the Next Emerging Spectrum in Asymmetric Warfare and Counter ...
 
Defense Intelligence & The Information Challenge
Defense Intelligence & The Information ChallengeDefense Intelligence & The Information Challenge
Defense Intelligence & The Information Challenge
 
Analytics for Smarter Defence
Analytics for Smarter DefenceAnalytics for Smarter Defence
Analytics for Smarter Defence
 
Keynote phaedra boinodiris serious games beyond training from process optim...
Keynote phaedra boinodiris   serious games beyond training from process optim...Keynote phaedra boinodiris   serious games beyond training from process optim...
Keynote phaedra boinodiris serious games beyond training from process optim...
 
Where Ideas Come From
Where Ideas Come FromWhere Ideas Come From
Where Ideas Come From
 
What Are The Chances
What Are The ChancesWhat Are The Chances
What Are The Chances
 

Kürzlich hochgeladen

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Kürzlich hochgeladen (20)

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 

Security Intelligence

  • 1. IBM Security Systems. Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence. Chris Poulin, Security Strategist, IBM. Reboot Privacy & Security Conference 2013. © 2012 IBM Corporation
  • 2. Securing Information Resources is a Multi-Dimensional Puzzle. People: Employees, Hackers, Outsourcers, Suppliers, Consultants, Terrorists, Customers. Data: Structured, Unstructured, At rest, In motion. Applications: Systems applications, Web applications, Web 2.0, Mobile apps. Infrastructure. It is no longer possible to define and protect the perimeter, but demands a focus on protecting data. Point products are not sufficient to protect the enterprise.
  • 3. Getting Intimate with Your Computing Environment. How well do you know: Applications? Owners? Activity patterns? Where sensitive data resides? Network activity patterns?
  • 4. Why Take the Red Pill? What’s normal? What’s suspect?
  • 5. How to Get There: Security Intelligence. Data sources: Users & Identities, Security Devices, Servers & Hosts, Network & Virtual Activity, Vulnerability Info, Application Activity, Database Activity, Configuration Info. Event Correlation: Logs, Flows, IP Reputation, Geo Location. Activity Baselining & Anomaly Detection: User Activity, Database Activity, Application Activity, Network Activity. Offense Identification: Credibility, Severity, Relevance. Suspected Incidents. Extensive Data Sources + Deep Intelligence = Exceptionally Accurate and Actionable Insight.
  • 6. What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the IT security and risk posture of an enterprise. Security Intelligence provides actionable and comprehensive insight for managing risks and threats from protection and detection through remediation.
  • 7. Activity and Data Access Monitoring. Visualize Data Risks: Automated charting and reporting on potential attacks. Correlate System, Application, & Network Activity: Enrich security alerts with anomaly detection and flow analysis. Detect suspicious activity before it leads to a breach: 360-degree visibility helps distinguish true breaches from benign activity, in real time.
  • 8. Top Events by Log Type and Count
  • 9. Top Flows by Application and Total Bytes
  • 10. …and Bottom Flows
  • 11. Data Leakage. Who is responsible for the data leak? Alert on data patterns, such as credit card number, in real time.
  • 12. Passively Discover & Profile Assets with NetFlow & QFlow
  • 13. Enrich the Asset Database with VA Scans, Manually, CMDB Import
  • 14. Update Rules Automatically
  • 15. Customize Your Network Landscape for Contextual Visibility. Customize Segment & System Names for Quick Identification.
  • 16. Pivot by Geography
  • 17. Dashboards & Reporting, Customized per Role
  • 18. User Activity Monitoring to Combat Advanced Persistent Threats. User & Application Activity Monitoring alerts on a user anomaly for Oracle database access. Identify the user, normal access behavior, and the anomaly behavior – with all source & destination information to quickly resolve the threat.
  • 19. Baselining Complex Patterns. Complex patterns can be baselined. Anomalies take into account historical data—continuously. May incorporate seasonality.
  • 20. Configuration & Risk. Network topology and open paths of attack add context. Rules can take exposure into account to: prioritize offenses and remediation; enforce policies; play out what-if scenarios.
  • 21. Security Intelligence Timeline. Prediction & Prevention; Reaction & Remediation. Risk Management. Vulnerability Management. SIEM. Log Management. Incident Response. Configuration Monitoring. Patch Management. Network and Host Intrusion Prevention. X-Force Research and Threat Intelligence. Network Anomaly Detection. Packet Forensics. Compliance Management. Reporting and Scorecards. Database Activity Monitoring. Data Loss Prevention.
  • 22. Security Intelligence Wrap-Up. Monitor all activity and correlate in real time. Reduce cost & complexity, lower TCO, compliance. Detect policy violations: Baseline against reality (CMDB); Social media, P2P, etc. Detect suspicious behavior: Privileged actions from a contractor’s workstation; DNS communications with external system. Detect APTs: File accesses out of the norm—behavior anomaly detection; Least used applications or external systems; occasional traffic. Detect fraud: Baseline credit pulls or trading volumes, and detect anomalies; Correlate eBanking PIN change with large money transfers. Forensic evidence for prosecution. Impact analysis. Change & configuration management.
  • 23. IBM’s Security Intelligence, Analytics and Big Data portfolio. (1) IBM QRadar Security Intelligence: unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and risk related data. (2) IBM Big Data Platform (Streams, Big Insights, Netezza): addresses the speed and flexibility required for customized data exploration, discovery and unstructured analysis. (3) IBM i2 Analyst Notebook: helps analysts investigate fraud by discovering patterns and trends across volumes of data. (4) IBM SPSS: unified product family to help capture, predict, discover trends, and automatically deliver high-volume, optimized decisions.
  • 24. https://www14.software.ibm.com/webapp/iwm/web/signup.do?source=swg-Tivoli_Organic&S_PKG=ov7304 Thank You!
  • 25. ibm.com/security © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
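
Slide 19 says baselines are updated continuously from historical data and may incorporate seasonality. The sketch below is an added example, not part of the deck and not how any IBM product implements it: it keeps one running mean and deviation per (weekday, hour) bucket and compares the result with a single flat baseline. The class names, thresholds and the hourly query counts are all constructed for illustration.

```python
import math
from collections import defaultdict
from datetime import datetime, timedelta


class RunningStats:
    """Welford's online mean/variance: one update per observation, no stored history."""

    def __init__(self):
        self.n, self.mean, self.m2 = 0, 0.0, 0.0

    def update(self, x):
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)

    def std(self):
        return math.sqrt(self.m2 / (self.n - 1)) if self.n > 1 else 0.0

    def zscore(self, x, min_std=1.0):
        # Floor the deviation so a perfectly flat history cannot divide by zero.
        return (x - self.mean) / max(self.std(), min_std)


class SeasonalBaseline:
    """One RunningStats per (weekday, hour) bucket, i.e. weekly seasonality."""

    def __init__(self, z_threshold=4.0, min_samples=3):
        self.buckets = defaultdict(RunningStats)
        self.z_threshold = z_threshold
        self.min_samples = min_samples

    def observe(self, ts, value):
        """Score value against its own bucket, then fold it into the baseline.

        Returns (z, anomalous); z is None while the bucket is still learning.
        """
        bucket = self.buckets[(ts.weekday(), ts.hour)]
        z = bucket.zscore(value) if bucket.n >= self.min_samples else None
        anomalous = z is not None and abs(z) > self.z_threshold
        if not anomalous:  # assumption: flagged points are kept out of the baseline
            bucket.update(value)
        return z, anomalous


def constructed_history(weeks=4):
    """Constructed sample data: hourly query counts for one database account.

    About 100 queries/hour Mon-Fri 09:00-16:59, about 5 otherwise, with a small
    deterministic jitter so the example is reproducible.
    """
    start = datetime(2013, 1, 7)  # a Monday
    rows = []
    for h in range(weeks * 7 * 24):
        ts = start + timedelta(hours=h)
        busy = ts.weekday() < 5 and 9 <= ts.hour < 17
        jitter = (h // 168 * 7 + ts.hour) % 5 - 2
        rows.append((ts, (100 if busy else 5) + jitter))
    return rows


def run_demo():
    history = constructed_history()
    seasonal, flat = SeasonalBaseline(), RunningStats()
    training_alerts = 0
    for ts, value in history:
        training_alerts += seasonal.observe(ts, value)[1]
        flat.update(value)
    # Week 5: the same volume (about 100 queries) at two different times.
    monday_10 = seasonal.observe(datetime(2013, 2, 4, 10), 103)
    sunday_03 = seasonal.observe(datetime(2013, 2, 10, 3), 100)
    return {
        "training_alerts": training_alerts,
        "monday_10": monday_10,
        "sunday_03": sunday_03,
        "flat_z_sunday_03": flat.zscore(100),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(name, result)
```

The Sunday 03:00 burst is ordinary volume for a weekday morning, so the flat baseline scores it well under the threshold while the seasonal bucket flags it.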