Securely Enabling Business

   FishNet Security Incident Management
   Powered by EnCase® Cybersecurity
      Overview
           Banking Trojans, Spear Phishing, SQL Injection Attacks, Polymorphic
           Malware … threats that were relatively rare or unknown a few years
           ago are causing security teams across the globe to rethink their
           security strategies as the traditional security approach of “putting up
           more walls” has been proven to be less effective against a determined
           adversary. One security discipline rising to meet these challenges is
           Incident Management and Response. Organizations are moving to
           what is being referred to as a “zero trust” or “lean forward” model of
           implementing policy and procedures around the assumption that they
           may have already been compromised and just don’t know it yet.

           Incident Management refers to not only ensuring policies are in place
           to expose potential threats that may have evaded perimeter defenses,
           but also that an organization is able to move quickly when a data
           breach does occur to minimize the impact, cost, recovery time and
           reoccurrence of each incident.

      Solution

           FishNet Security and Guidance Software have partnered to provide
           a complete incident management solution designed to address the
           gaps left by the traditional layered security through a combination of
           skilled resources, proven methodology and cutting-edge technology.
           The approach is designed to enable organizations to adopt a “lean
           forward” approach, exposing potential risks to a network before those
           vulnerabilities are fully exploited and used to exfiltrate data as well as
           to ensure an organization is completely prepared in the event of a data
           breach.

      IMF Key Domains

           • Communication
                - Internal
                - External
           • Collection of Information
                - Acquisition
                - Chain of Custody
                - Data Retention
           • Analysis
                - Technical
                - Operational
           • Containment
                - Emergency Action Plans (EAP)
           • Mitigation
                - Remediation
                - Prevention
                - Testing
           • Legal Counsel
                - Litigation Hold
                - Request for Discovery
                - Liability
           • Immediate Response
                - Active
                - Passive
           • Documentation
                - Procedures
                - Formal IR Plan
                - Operational




                                                                                                                        ID#11SS0037
                                                                                                         Last Modified 09.20.2011
Corporate Headquarters 1710 Walnut St. Kansas City, MO 64108 • 888.732.9406             © 2011 FishNet Security. All rights reserved.
      Today’s Threat Landscape

           Today, cyber crime is a for-profit industry with huge financial
           motivation to break into your network and steal your valuable
           data. As such, the attackers have spent time and resources to
           learn about your defenses and create highly specialized malware
           designed to evade those very defenses. Examples of these types
           of advanced threats include:

           • Custom Malicious Code
           • Polymorphic Malware
           • Hacktivism
           • 0-day Attack Vectors
           • Exfiltration of Sensitive Data
           • Memory Resident Malware
           • Anti-virus Targeted Malware
           • Encrypted Malicious Code Execution

      FishNet Security Program

           FishNet Security facilitates an approach tailored to the unique
           aspects of your organization and network architecture. Our
           consultants recognize business drivers and goals, and tailor
           solutions to meet the specific initiatives of each organization.
           The end result is an effective Incident Management Framework
           (IMF) tailored to a customer’s environment and based on
           industry-accepted standards of best practice. FishNet Security
           provides services to help organizations respond quickly to
           incidents, develop overall incident management programs, and
           test their incident response capabilities. Our consultants use
           industry-best practices to assist clients in the growth and
           maturity of their incident management programs.

           FishNet Security also provides skilled consultants certified in
           incident response and forensic best practices to respond quickly
           to any urgent need. Our rapid response team can be in motion
           anywhere in the world within 24 hours to coordinate a response
           and conduct a full investigation of the incident. The team also
           will take the proper steps to mitigate risk and potential fallout.




      Guidance Software - EnCase® Cybersecurity
           EnCase Cybersecurity is an all-in-one software solution that
           provides information security and incident response teams
           with the ability to dynamically expose covert malicious code,
           including polymorphic code, and proactively identify unknown
           threats to endpoints in any networked environment. With EnCase
           Cybersecurity, organizations can shift from a reactive to a proactive
           approach by zeroing in on potential threats, completely recovering
           computers from malicious code infiltration and drastically reducing
           the cost and time associated with response and recovery.

           And if an incident does occur, the EnCase Cybersecurity solution
           provides everything an organization needs to quickly and
           effectively respond and answer critical questions essential to
           mitigate the risk of an incident, such as:

              •	   Where in the network did the threat originate?
              •	   How did the threat spread across the network?
              •	   What is the full scope of the intrusion?
              •	   How has the threat evolved?
              •	   And more …

           EnCase Cybersecurity includes unique capabilities that put
           organizations one step ahead of those who wish to compromise
           corporate networks. With the ability to triage for covert threats,
           perform detailed memory analysis, and leverage advanced
           algorithms to determine code similarity, EnCase Cybersecurity
           allows organizations to recover from the most evasive threats.




      Adaptive Defense
           FishNet Security investigators leverage the advanced capabilities of EnCase Cybersecurity to enable
           organizations with the tools and resources necessary to expose and respond to the types of advanced
           threats that may have already penetrated your layered defenses. Experienced examiners work with
           internal resources to identify, contain, profile and eradicate the malicious code. This is achieved through
           EnCase Cybersecurity by exposing unknowns, analyzing anomalous behavior and determining the true
           scope of infection or breach.
           A unique aspect of this approach lies in powerful patent-pending similar-file analysis capabilities of EnCase
           Cybersecurity, which allows a single iteration of the offending malicious code to be used to find all like
           iterations across the enterprise. This is useful when attackers are able to change the signature of a piece
           of malware each time it copies itself to another device on the network. Because this approach does not
           rely on a static signature or behavioral trait like traditional solutions, it provides a truly adaptive defense
           against emerging threats.

      Comprehensive Containment
            During a security incident, one of the primary concerns
            is containment of the event and ensuring sensitive data
            is accounted for and has not been compromised. With
            the ever-increasing speed and complexity of information
            technology infrastructures, the ability to fully quantify an
            event can be very time-consuming. Environments span
            continents, contain thousands upon thousands of nodes, and
            each endpoint can have terabytes of data. Ensuring proper
            containment and validation of data can prove infeasible if not
            for enterprise grade tools such as EnCase Cybersecurity.
            FishNet Security investigators understand the complexities
            of today’s environments as well as the attack profile used by
            malicious individuals. Combined with the power of EnCase
            Cybersecurity, they can help work toward comprehensive
            containment of an event. Each endpoint can be scanned
            for malicious code, unauthorized sensitive data, insecure
            operating configurations, and various other known security
            weaknesses that are independent of known signatures or
            behaviors. Identified endpoints can then be remediated to
            bring the device back into a secure state that meets with
            internal compliancy requirements.
            Finally, certain elements of the newly exposed malware
            can be retained and scanned against on an ongoing basis to
            ensure the threat or similar threats are not reintroduced into
            your environment. Information gleaned through a proper
            incident management framework gives your security team
            the intelligence they need to better tailor defenses against
            subsequent attack and to move away from the never-ending
            game of “malware whack-a-mole.”




   About FishNet Security
   We Focus on the Threat so You can Focus on the Opportunity.
   Committed to security excellence, FishNet Security is the #1 provider of information security solutions that combine
   technology, services, support and training. FishNet Security solutions have enabled more than 5,000 clients to better
   manage risk, meet compliance requirements and reduce cost while maximizing security effectiveness and operational
   efficiency. For more information about FishNet Security, visit www.fishnetsecurity.com.

                                                                                                                                       ID#11SS0037
                                                                                                                        Last Modified 09.20.2011
Corporate Headquarters 1710 Walnut St. Kansas City, MO 64108 • 888.732.9406                            © 2011 FishNet Security. All rights reserved.

Weitere ähnliche Inhalte

Was ist angesagt?

Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 
Iso27001 Risk Assessment Approach
Iso27001   Risk Assessment ApproachIso27001   Risk Assessment Approach
Iso27001 Risk Assessment Approachtschraider
 
TA security
TA securityTA security
TA securitykesavars
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
CDW Security Practice
CDW Security PracticeCDW Security Practice
CDW Security Practicetimmay0220
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 
Dynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value SheetDynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value SheetClear Technologies
 
Incident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksIncident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksResilient Systems
 
The TTPs of hard hat incident response
The TTPs of hard hat incident responseThe TTPs of hard hat incident response
The TTPs of hard hat incident responseHinne Hettema
 
Business Intelligence In Cloud Computing A Tokenization Approach Final
Business Intelligence In Cloud Computing  A Tokenization Approach FinalBusiness Intelligence In Cloud Computing  A Tokenization Approach Final
Business Intelligence In Cloud Computing A Tokenization Approach FinalHossam Hassanien
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response PlanResilient Systems
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodologyPiyush Jain
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crainsegughana
 
Data Security Metricsa Value Based Approach
Data Security Metricsa Value Based ApproachData Security Metricsa Value Based Approach
Data Security Metricsa Value Based ApproachFlaskdata.io
 
Security assessment for financial institutions
Security assessment for financial institutionsSecurity assessment for financial institutions
Security assessment for financial institutionsZsolt Nemeth
 

Was ist angesagt? (20)

Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 
Iso27001 Risk Assessment Approach
Iso27001   Risk Assessment ApproachIso27001   Risk Assessment Approach
Iso27001 Risk Assessment Approach
 
TA security
TA securityTA security
TA security
 
Stone gate ips
Stone gate ipsStone gate ips
Stone gate ips
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
 
CDW Security Practice
CDW Security PracticeCDW Security Practice
CDW Security Practice
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
 
Dynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value SheetDynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value Sheet
 
Incident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksIncident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber Attacks
 
DamballaOverview
DamballaOverviewDamballaOverview
DamballaOverview
 
The TTPs of hard hat incident response
The TTPs of hard hat incident responseThe TTPs of hard hat incident response
The TTPs of hard hat incident response
 
Business Intelligence In Cloud Computing A Tokenization Approach Final
Business Intelligence In Cloud Computing  A Tokenization Approach FinalBusiness Intelligence In Cloud Computing  A Tokenization Approach Final
Business Intelligence In Cloud Computing A Tokenization Approach Final
 
Security Feature Cover Story
Security Feature Cover StorySecurity Feature Cover Story
Security Feature Cover Story
 
5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan5 Steps to Improve Your Incident Response Plan
5 Steps to Improve Your Incident Response Plan
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
 
Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crain
 
Data Security Metricsa Value Based Approach
Data Security Metricsa Value Based ApproachData Security Metricsa Value Based Approach
Data Security Metricsa Value Based Approach
 
Security assessment for financial institutions
Security assessment for financial institutionsSecurity assessment for financial institutions
Security assessment for financial institutions
 

Andere mochten auch

Threat Detect Hipaa Compliance
Threat Detect Hipaa ComplianceThreat Detect Hipaa Compliance
Threat Detect Hipaa Compliancetbeckwith
 
Where Is Your Sensitive Data Wp
Where Is Your Sensitive Data   WpWhere Is Your Sensitive Data   Wp
Where Is Your Sensitive Data Wptbeckwith
 
Series A: Negotiating Term Sheets
Series A: Negotiating Term SheetsSeries A: Negotiating Term Sheets
Series A: Negotiating Term SheetsRicklawboston
 
Original Student Poetry
Original Student PoetryOriginal Student Poetry
Original Student Poetrysleblanc
 
WWII Presentation
WWII PresentationWWII Presentation
WWII Presentationsleblanc
 
Student-Made Mythology Trading Cards
Student-Made Mythology Trading CardsStudent-Made Mythology Trading Cards
Student-Made Mythology Trading Cardssleblanc
 

Andere mochten auch (7)

Threat Detect Hipaa Compliance
Threat Detect Hipaa ComplianceThreat Detect Hipaa Compliance
Threat Detect Hipaa Compliance
 
Where Is Your Sensitive Data Wp
Where Is Your Sensitive Data   WpWhere Is Your Sensitive Data   Wp
Where Is Your Sensitive Data Wp
 
Series A: Negotiating Term Sheets
Series A: Negotiating Term SheetsSeries A: Negotiating Term Sheets
Series A: Negotiating Term Sheets
 
128icg Re Boards
128icg Re Boards128icg Re Boards
128icg Re Boards
 
Original Student Poetry
Original Student PoetryOriginal Student Poetry
Original Student Poetry
 
WWII Presentation
WWII PresentationWWII Presentation
WWII Presentation
 
Student-Made Mythology Trading Cards
Student-Made Mythology Trading CardsStudent-Made Mythology Trading Cards
Student-Made Mythology Trading Cards
 

Ähnlich wie Fns Incident Management Powered By En Case

Xero Risk Product Presentation V3.2
Xero Risk   Product Presentation V3.2Xero Risk   Product Presentation V3.2
Xero Risk Product Presentation V3.2Carl Booth
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
Ta Security
Ta SecurityTa Security
Ta Securityjothsna
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Servicestsaiblake
 
Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)OnRamp
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Managed firewall service.
Managed firewall service.Managed firewall service.
Managed firewall service.Mindtree Ltd.
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...Accenture Technology
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyVeriato
 
Application Security
Application SecurityApplication Security
Application Securityonenolesguy
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Risk Taker Product Presentation V1.0 7th January 2008
Risk Taker   Product Presentation V1.0   7th January 2008Risk Taker   Product Presentation V1.0   7th January 2008
Risk Taker Product Presentation V1.0 7th January 2008Carl Booth
 
Improve Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMImprove Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMAlienVault
 
Information Security Shake-Up
Information Security Shake-Up  Information Security Shake-Up
Information Security Shake-Up EMC
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 

Ähnlich wie Fns Incident Management Powered By En Case (20)

Xero Risk Product Presentation V3.2
Xero Risk   Product Presentation V3.2Xero Risk   Product Presentation V3.2
Xero Risk Product Presentation V3.2
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Ta Security
Ta SecurityTa Security
Ta Security
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Services
 
Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Managed firewall service.
Managed firewall service.Managed firewall service.
Managed firewall service.
 
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
For the CISO: Continuous Cyber Attacks - Achieving Operational Excellence for...
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
 
Application Security
Application SecurityApplication Security
Application Security
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security Breakfast
 
Risk Taker Product Presentation V1.0 7th January 2008
Risk Taker   Product Presentation V1.0   7th January 2008Risk Taker   Product Presentation V1.0   7th January 2008
Risk Taker Product Presentation V1.0 7th January 2008
 
Improve Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMImprove Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USM
 
Information Security Shake-Up
Information Security Shake-Up  Information Security Shake-Up
Information Security Shake-Up
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Cert adli wahid_iisf2011
Cert adli wahid_iisf2011
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReport
 
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetCylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber Resilience
 

Mehr von tbeckwith

Dlp Methodology
Dlp MethodologyDlp Methodology
Dlp Methodologytbeckwith
 
Identity Access Management Fishnet Security
Identity Access Management Fishnet SecurityIdentity Access Management Fishnet Security
Identity Access Management Fishnet Securitytbeckwith
 
Fishnet Security Overview
Fishnet Security   OverviewFishnet Security   Overview
Fishnet Security Overviewtbeckwith
 
Enterprise Mobile Security
Enterprise Mobile SecurityEnterprise Mobile Security
Enterprise Mobile Securitytbeckwith
 
Fish Net Security Overview
Fish Net Security OverviewFish Net Security Overview
Fish Net Security Overviewtbeckwith
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Reporttbeckwith
 

Mehr von tbeckwith (6)

Dlp Methodology
Dlp MethodologyDlp Methodology
Dlp Methodology
 
Identity Access Management Fishnet Security
Identity Access Management Fishnet SecurityIdentity Access Management Fishnet Security
Identity Access Management Fishnet Security
 
Fishnet Security Overview
Fishnet Security   OverviewFishnet Security   Overview
Fishnet Security Overview
 
Enterprise Mobile Security
Enterprise Mobile SecurityEnterprise Mobile Security
Enterprise Mobile Security
 
Fish Net Security Overview
Fish Net Security OverviewFish Net Security Overview
Fish Net Security Overview
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Report
 

Fns Incident Management Powered By En Case

  • 1. Securely Enabling Business FishNet Security Incident Management Powered by EnCase® Cybersecurity Overview Banking Trojans, Spear Phishing, SQL Injection Attacks, Polymorphic Malware … threats that were relatively rare or unknown a few years IMF Key Domains ago are causing security teams across the globe to rethink their • Communication security strategies as the traditional security approach of “putting up ͳͳ Internal more walls” has been proven to be less effective against a determined adversary. One security discipline rising to meet these challenges is ͳͳ External Incident Management and Response. Organizations are moving to • Collection of Information what is being referred to as a “zero trust” or “lean forward” model of ͳͳ Acquisition implementing policy and procedures around the assumption that they ͳͳ Chain of Custody may have already been compromised and just don’t know it yet. ͳͳ Data Retention Incident Management refers to not only ensuring policies are in place • Analysis to expose potential threats that may have evaded perimeter defenses, ͳͳ Technical but also that an organization is able to move quickly when a data ͳͳ Operational breach does occur to minimize the impact, cost, recovery time and reoccurrence of each incident. • Containment ͳͳ Emergency Action Plans (EAP) • Mitigation Solution ͳͳ Remediation FishNet Security and Guidance Software have partnered to provide ͳͳ Prevention a complete incident management solution designed to address the ͳͳ Testing gaps left by the traditional layered security through a combination of • Legal Counsel skilled resources, proven methodology and cutting-edge technology. 
ͳͳ Litigation Hold The approach is designed to enable organizations to adopt a “lean ͳͳ Request for Discovery forward” approach, exposing potential risks to a network before those vulnerabilities are fully exploited and used to exfiltrate data as well as ͳͳ Liability to ensure an organization is completely prepared in the event of a data • Immediate Response breach. ͳͳ Active ͳͳ Passive • Documentation ͳͳ Procedures ͳͳ Formal IR Plan TM ͳͳ Operational ID#11SS0037 Last Modified 09.20.2011 Corporate Headquarters 1710 Walnut St. Kansas City, MO 64108 • 888.732.9406 © 2011 FishNet Security. All rights reserved.
  • 2. FishNet Security Program

FishNet Security facilitates an approach tailored to the unique aspects of your organization and network architecture. Our consultants recognize business drivers and goals, and tailor solutions to meet the specific initiatives of each organization. The end result is an effective Incident Management Framework (IMF) tailored to a customer’s environment and based on industry-accepted standards of best practice.

FishNet Security provides services to help organizations respond quickly to incidents, develop overall incident management programs, and test their incident response capabilities. Our consultants use industry-best practices to assist clients in the growth and maturity of their incident management programs.

FishNet Security also provides skilled consultants certified in incident response and forensic best practices to respond quickly to any urgent need. Our rapid response team can be in motion anywhere in the world within 24 hours to coordinate a response and conduct a full investigation of the incident. The team also will take the proper steps to mitigate risk and potential fallout.

Today’s Threat Landscape

Today, cyber crime is a for-profit industry with huge financial motivation to break into your network and steal your valuable data. As such, the attackers have spent time and resources to learn about your defenses and create highly specialized malware designed to evade those very defenses. Examples of these types of advanced threats include:

• Custom Malicious Code
• Polymorphic Malware
• Hacktivism
• 0-day Attack Vectors
• Exfiltration of Sensitive Data
• Memory Resident Malware
• Anti-virus Targeted Malware
• Encrypted Malicious Code Execution
  • 3. Guidance Software - EnCase® Cybersecurity

EnCase Cybersecurity is an all-in-one software solution that provides information security and incident response teams with the ability to dynamically expose covert malicious code, including polymorphic code, and proactively identify unknown threats to endpoints in any networked environment. With EnCase Cybersecurity, organizations can shift from a reactive to a proactive approach by zeroing in on potential threats, completely recovering computers from malicious code infiltration and drastically reducing the cost and time associated with response and recovery.

And if an incident does occur, the EnCase Cybersecurity solution provides everything an organization needs to quickly and effectively respond and answer critical questions essential to mitigate the risk of an incident, such as:

• Where in the network did the threat originate?
• How did the threat spread across the network?
• What is the full scope of the intrusion?
• How has the threat evolved?
• And more …

EnCase Cybersecurity includes unique capabilities that put organizations one step ahead of those who wish to compromise corporate networks. With the ability to triage for covert threats, perform detailed memory analysis, and leverage advanced algorithms to determine code similarity, EnCase Cybersecurity allows organizations to recover from the most evasive threats.

Adaptive Defense

FishNet Security investigators leverage the advanced capabilities of EnCase Cybersecurity to enable organizations with the tools and resources necessary to expose and respond to the types of advanced threats that may have already penetrated your layered defenses. Experienced examiners work with internal resources to identify, contain, profile and eradicate the malicious code. This is achieved through EnCase Cybersecurity by exposing unknowns, analyzing anomalous behavior and determining the true scope of infection or breach.

A unique aspect of this approach lies in powerful patent-pending similar-file analysis capabilities of EnCase Cybersecurity, which allows a single iteration of the offending malicious code to be used to find all like iterations across the enterprise. This is useful when attackers are able to change the signature of a piece of malware each time it copies itself to another device on the network. Because this approach does not rely on a static signature or behavioral trait like traditional solutions, it provides a truly adaptive defense against emerging threats.
  • 4. Comprehensive Containment

During a security incident, one of the primary concerns is containment of the event and ensuring sensitive data is accounted for and has not been compromised. With the ever-increasing speed and complexity of information technology infrastructures, the ability to fully quantify an event can be very time-consuming. Environments span continents, contain thousands upon thousands of nodes, and each endpoint can have terabytes of data. Ensuring proper containment and validation of data can prove infeasible if not for enterprise grade tools such as EnCase Cybersecurity.

FishNet Security investigators understand the complexities of today’s environments as well as the attack profile used by malicious individuals. Combined with the power of EnCase Cybersecurity, they can help work toward comprehensive containment of an event. Each endpoint can be scanned for malicious code, unauthorized sensitive data, insecure operating configurations, and various other known security weaknesses that are independent of known signatures or behaviors. Identified endpoints can then be remediated to bring the device back into a secure state that meets with internal compliancy requirements. Finally, certain elements of the newly exposed malware can be retained and scanned against on an ongoing basis to ensure the threat or similar threats are not reintroduced into your environment.

Information gleaned through a proper incident management framework gives your security team the intelligence they need to better tailor defenses against subsequent attack and to move away from the never-ending game of “malware whack-a-mole.”

About FishNet Security

We Focus on the Threat so You can Focus on the Opportunity.

Committed to security excellence, FishNet Security is the #1 provider of information security solutions that combine technology, services, support and training. FishNet Security solutions have enabled more than 5,000 clients to better manage risk, meet compliance requirements and reduce cost while maximizing security effectiveness and operational efficiency. For more information about FishNet Security, visit www.fishnetsecurity.com.