The Evolving Security Market SIEM: The Failed Strategy USM - Can 11,000 customers be wrong? Architecting the Perfect Sale with AlienVault

1. Channel Partner Training:
“So Many Security Products to Sell to My Customers…So Why AlienVault? Why Now?”
JUSTIN ENDRES
SVP OF WORLDWIDE SALES

2. BEFORE WE GET STARTED…
* General Housekeeping
* Today’s session is interactive!
We have 1 hour together so please Ask Questions!!!
We’ll try to provide answers in context as we go along
* Today’s session is being recorded
Recorded session will be sent to all attendees to distribute

3. AGENDA
• The Threat Landscape: Our NEW Reality
• Are companies spending on IT Security?
• SIEM: ”A Failed Strategy”
• USM - Can 11,000 customers be wrong?
• Architecting the Perfect Sale with AlienVault
• Questions & Answers

4. ARE CUSTOMERS SPENDING ON IT SECURITY?
YES…and spending a lot. Some might suggest “Too Much”
“Network Security spending to surge in 2014” – ZDNet
- 62% of organizations expect to increase spend from 2013 to 2014
- 63% of organizations want to improve threat detection monitoring
- 57% of organizations want to buy from 1 vendor to simplify management
Despite the $67.2 Billion spent on IT security (Gartner) in the US alone each
year – are we gaining on the problem?

5. • More and more organizations are finding themselves in the crosshairs of various bad actors
for a variety of reasons.
• The number of organizations experiencing high profile breaches is unprecedented.
• The “security arms race” cannot continue indefinitely as the economics of securing your
organization is stacked so heavily in favor of those launching attacks that incremental security
investments are seen as impractical. We must turn the tables.
THREAT LANDSCAPE: “OUR NEW REALITY”

6. • Organizations (mid-market AND enterprise) are demanding solutions that are scalable, cost
effective, and manageable.
• Enterprises are shifting spend toward consolidated solutions that offer better
integration, manageability and economic leverage. (example UTM)
• Organizations are looking to augment their own in-house expertise with a vendor who
continues to offer their teams insight into issues across the threat landscape
THREAT LANDSCAPE: “OUR NEW REALITY” ‘continued’
84%
of organizations breached
had evidence of the
breach in their log files…

7. DESPITE THE BILLIONS SPENT…
** Mandiant MTrends 2013 Threat Report
Source: Verizon 2013 Data Breach Investigations Report
…VENDORS ARE FAILING CUSTOMERS

8. IN THE PAST YEAR…
• 90% of US businesses suffered some sort of hacking attack*
• 77% of victims attacked more than once*
• 198 US nuclear and power facilities attacked**
• $120B in damages to US businesses due to cybercrime***
• $1 Trillion in intellectual property worldwide stolen*
We’ve seen the stats; HOWEVER what’s lost of most is
the SOPHISTICATION of these attacks
…“BAD ACTORS” ARE MORE DANGEROUS THAN EVER
* = http://www.clubcloudcomputing.com/2013/01/infographic-on-hacking-statistics/
** = http://money.cnn.com/2013/01/09/technology/security/infrastructure-cyberattacks/
*** = http://mcaf.ee/1xk9a

9. TRADITIONAL SECURITY COMPLEX, EXPENSIVE
GIVEN THE 10 MOST RECOMMENDED TECHNOLOGIES
AND THE PRICING RANGE, AN ORGANIZATION COULD
EXPECT TO SPEND ANYWHERE FROM $225,000 TO
$1.46M IN ITS FIRST YEAR, INCLUDING TECHNOLOGY
AND STAFF.
SOURCE: THE REAL COST OF SECURITY, 451 RESEARCH,
APRIL 2013
FACTOR INTO THIS:
INITIAL LICENSING COSTS
IMPLEMENTATION / OPTIMIZATION COSTS
ONGOING MANAGEMENT COSTS
RENEWAL COSTS
INTEGRATION OF ALL SECURITY TECHNOLOGIES
TRAINING OF PERSONNEL/INCOMING PERSONNEL

10. HAS SIEM DELIVERED SECURITY “VISIBILITY”?
77%
of organizations
DON’T believe that SIEM
solutions are delivering
the value promised.
These same companies believe it’s the
product/vendor. Is it possible that neither are to
blame? Could it be the approach?

11. SO WHY ARE SIEM SOLUTIONS FAILING?
• High price-tag makes SIEM cost-prohibitive for most.
-- Ok, but what about those who can afford it?
• Events alone do not provide enough context to combat today’s threats.
-- Continuous threat data is needed, more context needed
• Complex usability directly contribute to high costs associated to ongoing
management
-- Dedicated resources are needed for all SIEM vendor solutions. Remember
the target market.
• Integration of multiple technologies challenging
-- Ok, but once they are all integrated; that shouldn’t be a concern right?

12. THE “BIGGEST” REASON SIEM SOLUTIONS FAIL?
• CORRELATION is left up to the end user to own. SIEM vendors DON’T help here.
What’s worse – they CAN’T.
Remember this Graph?
During the evaluation the vendor does:
• The deployment of the SIEM
• Integration of all the data sources
• Builds the correlation rules for the customer
• Develops the reports for the customer
• Leverages ‘point in time’ threat data
• Manages the system
So what’s wrong with that?
Nothing…as long as the vendor remains onsite; otherwise the cycle continues.

13. “PLEASE…NOT ANOTHER SECURITY PRODUCT.”

14. PRODUCT OVERVIEW
Unified Security Management
The complete set of integrated tools, crowd-sourced threat intelligence &
proprietary security research
Security made unified, simple and affordable

15. UNIFIED SECURITY MANAGEMENT
Unified Security
Management
5 Essential Capabilities for Unified Security Management
Asset
Discovery
Vulnerability
Assessment
Threat
Detection
Behavioral
Monitoring
Security
Intelligence
• All of this value combined into one solution
• Priced for any budget
• Designed for any type of user
• Continually updated with the latest threat intelligence
• Supported by a community of security peers and experts
Security Intelligence through integration we do, not
your end-user

16. Security
Intelligence
Asset
Discovery
Vulnerability
Assessment
Threat Detection
Behavioral
Monitoring
powered by
AV Labs Threat
Intelligence
USM • Active Network Scanning
• Passive Network Scanning
• Asset Inventory
• Host-based Software
Inventory
• Continuous
Vulnerability Monitoring
• Authenticated /
Unauthenticated Active
Scanning
• Log Collection
• Netflow Analysis
• Service Availability Monitoring
• SIEM Event Correlation
• Incident Response
• Network IDS
• Host IDS
• Wireless IDS
• File Integrity Monitoring
USM PRODUCT CAPABILITIES

17. OTX: WORLD’S LARGEST OPEN THREAT EXCHANGE
8,000 collection points in
140+ countries
100,000 malicious IPs
validated every day
500,000 malware samples
analyzed per day

18. • Sell through large MSSPs (Telcos)
Enterprise Class
Full Security Staff
Enterprise Class
Mid Market and Departmental
Enterprise
Limited Security Staff
• MSSPs
• Cloud providers
SMB
No Security Staff
AlienVault Community
 Engaged community of
customers, open source
users and threat sharing
contributors
WE SERVE ALL MARKETS: ENTERPRISE PRODUCT AT AN AFFORDABLE PRICE
There are millions of mid-market organizations around
the world
• $50M to $500M in revenue
• 500 to 5,000 employees
We also serve organizations of any size that lack:
⇾ Sufficient staff
⇾ Security expertise
⇾ Technology
⇾ Budget

19. CUSTOMERS
MSSPs End-User Customers

20. OUR COMPANY
Experienced Management Team
$66.4M in Financing
Our Mission
To build security products for the underserved mid-market

21. Engage AlienVault Early/Often
Inside of a Deal Cycle:
• Register deals early to lock in additional margins
• Leverage AlienVault Pre-Sales Engineers to support your demo
• Leverage AlienVault Pre-Sales Engineers to conduct evaluations
Other Engagements:
• Training for your internal sales team
• Marketing events in your region
• Webcasts/Joint-Webcasts to support lead generation within your customer base
• Online Marketing campaigns/templates
partners@alienvault.com

22. partners@alienvault.com
www.alienvault.com
30-Day Free Trial
(Fully featured)

23. THANK YOU