#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive Defense

Micro Focus
Security & Identity Analytics
How Security and Identity Analytics can Drive Adaptive Defence
Adam Evans | Senior Identity & Access Specialist | 24th February 2016
Hacking is Big Business…
The average annual monetary loss was $2.5m (£1.75m) per organisation
Source: PwC 2016 Global State of Information Security Survey
(Responses from 10,000 CxOs in 127 countries, 30% from Europe. Error margin <1%)
Finding the weak links – a full-time job
• Social media
• Link clickers
• Weak passwords
Adapting to Controls
“Enterprises are having a difficult time hiring skilled people as it takes 53% of organisations between 3 and 6 months to fill a position and 10% cannot fill them at all.”
Source: ISACA’s global survey, “The State of Cybersecurity: Implications for 2015”
Meanwhile, as the threat evolves…
Provide the limited professionals we have with the best information for rapid decision making
Analytics applies algorithms or machine learning to the “advisor feeds” for specific use cases
At Micro Focus, we believe that Identity and Security Analytics holds the greatest hope of leveling the playing field with today’s dynamic threats
Identity Analytics Use Cases
“Identity Analytics and Intelligence (IAI) moves organisations toward a contextual, dynamic, risk-based approach to identity and access management.”
Source: Gartner
Risk-Based Authentication
• Use risk scoring to drive step-up authentication
• Static risk scoring can be assigned to the entitlement, user, or application
• Add dynamic risk at request such as time of day, geo location, IP address, or device
• Results can be shared back into the analytics engine as an advisor feed
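The scoring flow on this slide, as an added Python example; it is not from the presentation and not Micro Focus code. The static risk tables, dynamic signal weights, thresholds, profile fields and every name below are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timezone

# Static risk (0-100) assigned ahead of time to user, application and entitlement.
# All names, weights and thresholds in this block are constructed.
STATIC_RISK = {
    "user": {"alice": 10, "root-admin": 60},
    "application": {"wiki": 5, "payroll": 50},
    "entitlement": {"read": 0, "approve-payment": 30},
}
UNKNOWN_STATIC_RISK = 50  # anything unclassified is not assumed to be safe

# Dynamic risk added at request time, one weight per signal that fires.
DYNAMIC_WEIGHTS = {"off_hours": 15, "new_country": 25,
                   "untrusted_ip": 15, "unknown_device": 20}
STEP_UP_AT = 50  # score at or above this requires a second factor
DENY_AT = 90     # score at or above this is refused outright


@dataclass
class Profile:
    """What is normal for one user (in practice learned by the analytics engine)."""
    usual_hours: range          # UTC hours the user normally signs in
    usual_countries: frozenset
    known_devices: frozenset
    trusted_networks: tuple     # ipaddress networks


@dataclass
class Request:
    user: str
    application: str
    entitlement: str
    when: datetime
    country: str
    ip: str
    device_id: str


def static_risk(req):
    """The riskiest of user, application and entitlement sets the floor."""
    return max(
        STATIC_RISK["user"].get(req.user, UNKNOWN_STATIC_RISK),
        STATIC_RISK["application"].get(req.application, UNKNOWN_STATIC_RISK),
        STATIC_RISK["entitlement"].get(req.entitlement, UNKNOWN_STATIC_RISK),
    )


def dynamic_signals(req, profile):
    """Return the names of the request-time signals that deviate from the profile."""
    fired = []
    if req.when.astimezone(timezone.utc).hour not in profile.usual_hours:
        fired.append("off_hours")
    if req.country not in profile.usual_countries:
        fired.append("new_country")
    addr = ipaddress.ip_address(req.ip)
    if not any(addr in net for net in profile.trusted_networks):
        fired.append("untrusted_ip")
    if req.device_id not in profile.known_devices:
        fired.append("unknown_device")
    return fired


def evaluate(req, profile):
    """Score one request and return the record that would go back as an advisor feed."""
    signals = dynamic_signals(req, profile)
    base = static_risk(req)
    score = min(100, base + sum(DYNAMIC_WEIGHTS[s] for s in signals))
    if score >= DENY_AT:
        decision = "deny"
    elif score >= STEP_UP_AT:
        decision = "step_up"
    else:
        decision = "allow"
    return {"user": req.user, "application": req.application,
            "entitlement": req.entitlement, "time": req.when.isoformat(),
            "static": base, "signals": signals, "score": score,
            "decision": decision}


# Constructed profile and requests (documentation IP ranges, made-up device ids).
ALICE = Profile(range(7, 19), frozenset({"GB"}), frozenset({"laptop-01"}),
                (ipaddress.ip_network("10.0.0.0/8"),))
DAY = datetime(2016, 2, 24, 10, 0, tzinfo=timezone.utc)
NIGHT = datetime(2016, 2, 24, 3, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    samples = [
        Request("alice", "wiki", "read", DAY, "GB", "10.1.2.3", "laptop-01"),
        Request("alice", "payroll", "approve-payment", DAY, "GB", "10.1.2.3", "laptop-01"),
        Request("alice", "wiki", "read", NIGHT, "GB", "203.0.113.7", "phone-77"),
    ]
    for r in samples:
        print(evaluate(r, ALICE))
```

A high static score alone forces step-up even from a normal context, while a low-risk application only reaches step-up when several dynamic signals fire together.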
Bad Behavioral Analysis
• Machine learning and anomaly detection based on identities
• Give privileged users insight into unusual activity with their credentials
• Identify unusual patterns of access, changes and data exfiltration
• Detect use of privileged account “backdoors”
Excessive Credential Detection
• Identify orphaned or rogue accounts based on login or peer group analysis – revoke accounts and save on SaaS licenses
• Compare employees being paid by HR, or contracts to orphaned or rogue accounts
Adaptive Access Certifications
• Request immediate access certification for high-risk transactions
• Prioritise the highest risk entitlements for access certifications
• Indicate dormant accounts or outlier access compared to peers
• Reduce rubber-stamping and increase revocation rates
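An added Python example, not from the presentation or any Micro Focus product, covering the two slides above: it reconciles accounts against an HR roster to find orphaned accounts, flags dormant accounts and peer-group outlier entitlements, and ranks the results into a certification queue. The roster, accounts, thresholds and finding weights are all constructed.

```python
from collections import Counter, defaultdict
from datetime import date

# Constructed sample data: HR roster (people being paid) and directory accounts.
HR_ROSTER = {
    "e100": {"dept": "finance", "active": True},
    "e101": {"dept": "finance", "active": True},
    "e102": {"dept": "finance", "active": True},
    "e103": {"dept": "finance", "active": True},
    "c200": {"dept": "finance", "active": False},  # contract has ended
}
ACCOUNTS = [
    {"account": "asmith", "owner": "e100", "last_login": date(2016, 2, 20),
     "entitlements": {"gl-read", "gl-post"}},
    {"account": "bkhan", "owner": "e101", "last_login": date(2015, 9, 1),
     "entitlements": {"gl-read"}},
    {"account": "cwu", "owner": "e102", "last_login": date(2016, 2, 23),
     "entitlements": {"gl-read", "gl-post"}},
    {"account": "dlee", "owner": "e103", "last_login": date(2016, 2, 22),
     "entitlements": {"gl-read", "gl-post", "payroll-admin"}},
    {"account": "jdoe", "owner": "e999", "last_login": None,  # owner not in HR
     "entitlements": {"gl-read"}},
    {"account": "tmp-contractor", "owner": "c200", "last_login": date(2016, 2, 10),
     "entitlements": {"gl-read", "gl-post"}},
]


def has_active_owner(acct, roster):
    person = roster.get(acct["owner"])
    return person is not None and person["active"]


def find_orphaned(accounts, roster):
    """Accounts whose owner is unknown to HR or no longer active."""
    return sorted(a["account"] for a in accounts if not has_active_owner(a, roster))


def find_dormant(accounts, today, max_idle_days=90):
    """Accounts never used, or not used within max_idle_days."""
    dormant = []
    for a in accounts:
        last = a["last_login"]
        if last is None or (today - last).days > max_idle_days:
            dormant.append(a["account"])
    return sorted(dormant)


def peer_outliers(accounts, roster, min_share=0.5, min_group=3):
    """Entitlements held by fewer than min_share of an account's department peers.

    Only accounts with an active owner are compared, and groups smaller than
    min_group are skipped because a share computed over them is mostly noise.
    """
    groups = defaultdict(list)
    for a in accounts:
        if has_active_owner(a, roster):
            groups[roster[a["owner"]]["dept"]].append(a)
    outliers = {}
    for members in groups.values():
        if len(members) < min_group:
            continue
        held = Counter(e for a in members for e in a["entitlements"])
        for a in members:
            rare = sorted(e for e in a["entitlements"]
                          if held[e] / len(members) < min_share)
            if rare:
                outliers[a["account"]] = rare
    return outliers


def certification_queue(accounts, roster, today):
    """Rank accounts for review: orphaned=3, each outlier entitlement=2, dormant=1."""
    score = Counter()
    for name in find_orphaned(accounts, roster):
        score[name] += 3
    for name in find_dormant(accounts, today):
        score[name] += 1
    for name, rare in peer_outliers(accounts, roster).items():
        score[name] += 2 * len(rare)
    return sorted(score.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for name, risk in certification_queue(ACCOUNTS, HR_ROSTER, date(2016, 2, 24)):
        print(f"{risk:>2}  {name}")
```

In this sample `tmp-contractor` is orphaned but was used recently, so it ranks above the merely dormant `bkhan`.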
Risk-Based ID & Access Provisioning
• Risk-informed access request and approval
• Policy improvement suggestions for roles or SOD controls
Generally, identity analytics provides better decision-making information
Security Analytics Use Cases
Abnormal Sensitive File Access
• Unusual time of day for the user
• From a risky IP address, geographic location or unknown machine
• With credentials that haven’t been used in a while
Abnormal Data Exfiltration
• Large data sets
• Data movement to USB drives or an unusual location
Abnormal File Changes
• File replacement outside of change windows
• Changes made by an abnormal user
Abnormal Password Resets
• Brute force attempts at self-service password resets
• Abnormal time, location or device for password resets
Generally, security analytics is looking for abnormal activity
Identity-Powered Security
[Diagram: Minimise Rights; Enforce Access Controls; Monitor User Activity; Analytics]
The Micro Focus Approach
An Integrated Identity, Access & Security Solution
[Diagram: Access Management & Authentication; Secure User Monitoring; Identity Governance & Administration; Analytics]
Identity Governance & Administration
Enforcing the Least-Privilege Principle
Minimise Rights
[Diagram: IGA: Access Request; Help-Desk Integration; Access Review; Privileged Identity Management; Delegated Administration; Business Policy SOD & Roles; Identity Management]
Access Management and Authentication
A Secure Sign-on Experience
Enforce Access Controls
[Diagram: AMA: Single Sign-On (Web, Cloud, Enterprise); BYOI; BYOD; Multi-Factor Authentication; Federation; Risk-Based Adaptive Authentication]
Secure User Monitoring
Analytics - Identify Abnormal
Monitor User Activity
[Diagram: SUM: Log & Event Correlation; SIEM; File Integrity Monitoring; Configuration Assessment; Anomaly Detection; Privileged Session Recording]
Benefits of an Analytics Approach…
• Targeted information for more efficient and intelligent decision making
• Reduced data sifting to more rapidly identify and eliminate threats
• Reduced overall risk with existing personnel resources
Questions?
Thank You For Listening