
Improve Situational Awareness for Federal Government with AlienVault USM


Securing your network from threats is a constantly evolving challenge, especially for federal government agencies with much valuable data to protect, and where IT security resources are often limited. AlienVault has helped many government organizations get complete security visibility for effective threat detection and response, without breaking the bank.
Join us for a live demo to see how AlienVault USM addresses these key IT security needs:

  • Discover all IP-enabled assets to get an accurate picture of attack surface
  • Identify vulnerabilities like insecure configurations and unpatched software
  • Improve situational awareness with real-time threat detection and alerting
  • Speed incident containment & response with built-in remediation guidance for every alert
  • Investigate anomalies in protocol usage, privilege escalation, host behavior and more
  • Generate fast & accurate reports for compliance & management



  1. About AlienVault
     • Founded in 2007 and headquartered in San Mateo, CA, with offices in:
       • Madrid, Spain (Sales & Support)
       • Austin, Texas (Dev, Engineering, Sales & Support)
       • Cork, Ireland (Sales & Support)
     • Over 14,500 active implementations
     • Over 1,900 customers
     • Only company to be named “Visionary” in the Gartner Magic Quadrant in 2013 and 2014
     • Backed by Premier Investors including GGV Capital, KPCB, Trident Capital, and Intel Capital
       • Closed on Series D funding in December 2013
  2. Agenda
     • Threat Landscape
     • OMB / OPM Government-wide 30-Day Sprint
     • 5 Essential Security Capabilities for Unified Controls
     • AlienVault Open Threat Exchange – What is it and how do Federal users benefit?
     • Solution Architecture
     • Demonstration – Victor Obando
     • Q&A
  3. Threat Landscape - Our New Reality
     • The Public Sector experienced nearly 50 times more cyber incidents than any other industry in 2014, and it’s not slowing down into 2015.
     • Federal CIOs cannot simply rely on traditional boundary protection anymore, and recruiting top talent for cyber security remains a core challenge.
     • Continuous Monitoring / Diagnostics and Mitigation (CDM) got off to a fast start, but in order for it to flourish, it must be a priority for the agency from a budget and resource perspective.
     • “84% of organizations breached had evidence of the breach in their log files…” (2015 Verizon Data Breach Investigations Report)
  4. 30-Day Sprint - Security “Asks” for Fed Agencies
     ① Protecting Data: Better protect data at rest and in transit
     ② Improving Situational Awareness: Improve indication and warning
     ③ Increasing Cybersecurity Proficiency: Ensure a robust capacity to recruit and retain cybersecurity personnel
     ④ Increase Awareness: Improve overall risk awareness by all users
     ⑤ Standardizing and Automating Processes: Decrease time needed to manage configurations and patch vulnerabilities
     ⑥ Controlling, Containing, and Recovering from Incidents: Contain malware proliferation, privilege escalation, and lateral movement. Quickly identify and resolve events and incidents
     ⑦ Strengthening Systems Lifecycle Security: Increase inherent security of platforms by buying more secure systems and retiring legacy systems in a timely manner
     ⑧ Reducing Attack Surfaces: Decrease complexity and number of things defenders need to protect
  5. Built-In, Essential Security Capabilities (USM Platform)
     • Asset Discovery
       • Active Network Scanning
       • Passive Network Scanning
       • Asset Inventory
       • Host-based Software Inventory
     • Vulnerability Assessment
       • Continuous Vulnerability Monitoring
       • Authenticated / Unauthenticated Active Scanning
     • Behavioral Monitoring
       • Log Collection
       • Netflow Analysis
       • Service Availability Monitoring
     • SIEM
       • SIEM Event Correlation
       • Incident Response
     • Intrusion Detection
       • Network IDS
       • Host IDS
       • File Integrity Monitoring
  6. The ONLY Unified Security Management Solution
     • AlienVault is the only security vendor that provides the five essential capabilities in one, pre-integrated solution
     • Delivers rapid time to visibility and value
  7. Open Threat Exchange: World’s Largest Crowd-sourced IP Reputation Alerting Platform
     • Real-time insights on known, validated malicious IP addresses and incidents affecting others globally
     • AlienVault Labs reacts to the emerging threat and publishes new correlation rules to all of our users
     • Every AlienVault USM installation receives the ThreatExchange update and protects against potential attacks
     OTX facilitates secure collaboration to identify emerging threats and prevent compromise, providing the broadest-based Reputation Feed in the world.
  8. Coordinated Analysis, Actionable Guidance
     AlienVault Labs Threat Intelligence: weekly updates that cover all coordinated rulesets:
     • Network and host-based IDS signatures – detects the latest threats in your environment
     • Asset discovery signatures – identifies the latest OSes, applications, and device types
     • Vulnerability assessment signatures – dual database coverage to find the latest vulnerabilities on all your systems
     • Correlation rules – translates raw events into actionable remediation tasks
     • Reporting modules – provides new ways of viewing data about your environment
     • Dynamic incident response templates – delivers customized guidance on how to respond to each alert
     • Newly supported data source plug-ins – expands your monitoring footprint
  9. AlienVault Solution Architecture – 3 Components
     • USM Server
       • Forensic Console
       • Reporting Engine
       • Event Correlation
       • Vulnerability Management
       • Availability Monitoring
       • Incident Management
       • Policy based Event Filtering
     • Sensor
       • Event Collection/Normalizer
       • Threat Detection
       • Vulnerability Scanner
       • Netflow Protocol Analysis
     • Logger
       • Forensic Event Storage
       • Digitally Time-Stamped Raw Logs
       • Fully Searchable
  10. DEMO
  11. Now for some Questions
     • Contact us: 888.613.6023, Hello@AlienVault.com, alienvault.com
     • Twitter: @alienvault
     • Test Drive AlienVault USM: Download a Free 30-Day Trial http://www.alienvault.com/free-trial
     • Check out our 15-Day Trial of USM for AWS https://www.alienvault.com/free-trial/usm-for-aws
     • Try our Interactive Demo Site http://www.alienvault.com/live-demo-site