The official distributor of
CYBERSHARK
by
About Us
• Connect Everywhere Israel, branch of a Mexican IT company
• More than 20 years of IT management & security
• Working globally as security experts
• Bringing state-of-the-art security solutions to Israeli IT
Malware Based Attacks Continue To Rise
• 2009: 2,361,414 new malware detected
• 2015: 430,555,582 new malware detected
• 1,179,000 new malware detected every day
Source: Symantec 2016 Global Intelligence Network Report
Cisco Threats
Security Risk
• Every day there are more than 10 security risk threats in your network that you need to handle
• Some impact you immediately
• You need to be aware of them and treat them when they happen
• 2016 – 146 Vulnerabilities for Microsoft Office
• 106 Vulnerabilities considered CRITICAL
• 2015-2016 – 150 Vulnerabilities for Adobe Reader
• 11 Vulnerabilities considered CRITICAL
Microsoft Security Bulletin MS16-120 - Critical
Adobe Security Bulletin
Our Way to Solve Security Risk
• Our system solution helps companies overcome security issues in their systems
• There are 2 processes that work together to solve your security breaches
• SIEM - Security Information and Event Management
• Deals with all the alerts in the system
• SOC - Security Operations Center
• Real people
• Working 24x7
• Monitors security events
• Sends alerts and solutions to problems
The work flow
Diagram: log sources (Firewalls, I.P.S, Linux Server, Windows Server, Switches, Router) feeding the Collector (MSI), then Compress, Encrypt, Send; in the cloud: Aggregation, Normalization, Duplication, DB, External Sources, Enrichment, Compliance Rules, Correlation Rules, Dashboard, Alert, SOC Analyst (Verify False Positive, Add Remediation Plan, Notify), CLIENTS.
1. The company has different IT and information security devices, such as firewalls, IPS, switches, routers, proxies, anti-spam, antivirus, Windows servers, Linux servers and others. Each device creates its own security log with security information in it.
2. The Collector (MSI) will be installed on the client premises and will take the logs from all these devices.
3. The collector will compress them and send them encrypted to the Cyber Shark Cloud.
4. When the events arrive, they pass through different processes such as aggregation, normalization and duplication.
5. They are then placed in the database.
6. The data in the database is enriched by external sources such as blacklists and others. It is passed through a complex set of correlation rules.
7. Data can be exposed to the client using the dashboard. When an incident is identified, an alert is sent to the customer and a ticket is opened for the analyst to check the issue.
8. The analyst checks the incident and decides if it is a false positive or not, and if not gathers all the evidence. A remediation plan is created and all this data is sent to the client via a ticketing system or email.
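The cloud-side stages of the workflow above (normalization, duplicate handling, aggregation, blacklist enrichment and a correlation rule that raises an alert with its evidence), as an added Python example that is not CYBERShark's code. The log formats, field names, blacklist entry, rule name and threshold are constructed for illustration, and the "duplication" stage is assumed to mean dropping duplicate events.

```python
import re
from collections import defaultdict

# Constructed sample input: (device type, raw log line). Formats are invented for this example.
RAW_LOGS = [
    ("firewall", "2017-07-01T10:00:01Z DENY src=203.0.113.7 dst=10.0.0.5 dport=22"),
    ("firewall", "2017-07-01T10:00:01Z DENY src=203.0.113.7 dst=10.0.0.5 dport=22"),  # resent copy
    ("linux", "2017-07-01T10:00:05Z sshd[811]: Failed password for root from 203.0.113.7 port 50122"),
    ("linux", "2017-07-01T10:00:07Z sshd[811]: Failed password for root from 203.0.113.7 port 50123"),
    ("linux", "2017-07-01T10:00:09Z sshd[811]: Failed password for admin from 203.0.113.7 port 50124"),
    ("linux", "2017-07-01T10:01:00Z sshd[900]: Failed password for bob from 198.51.100.20 port 40000"),
    ("firewall", "2017-07-01T10:02:00Z ALLOW src=10.0.0.8 dst=192.0.2.44 dport=443"),
    ("switch", "unparseable vendor text"),
]
BLACKLIST = {"203.0.113.7"}  # constructed stand-in for an external blacklist feed

FW_RE = re.compile(r"^(\S+) (ALLOW|DENY) src=(\S+) dst=(\S+) dport=(\d+)$")
SSH_RE = re.compile(r"^(\S+) sshd\[\d+\]: Failed password for (\S+) from (\S+) port \d+$")

def normalize(device, line):
    """Map a device-specific line onto one common event schema, or None if unparsed."""
    if device == "firewall":
        m = FW_RE.match(line)
        if m:
            ts, action, src, dst, dport = m.groups()
            return {"ts": ts, "device": device, "type": "fw_" + action.lower(),
                    "src_ip": src, "dst_ip": dst, "dport": int(dport)}
    elif device == "linux":
        m = SSH_RE.match(line)
        if m:
            ts, user, src = m.groups()
            return {"ts": ts, "device": device, "type": "auth_fail",
                    "src_ip": src, "user": user}
    return None

def deduplicate(events):
    """Drop events identical in every normalized field (e.g. a retransmitted line)."""
    seen, unique = set(), []
    for event in events:
        key = tuple(sorted(event.items()))
        if key not in seen:
            seen.add(key)
            unique.append(event)
    return unique

def enrich(events, blacklist):
    """Tag each event with whether its source address is on the external blacklist."""
    return [dict(event, blacklisted=event["src_ip"] in blacklist) for event in events]

def aggregate(events):
    """Count events per (source address, event type) for the dashboard view."""
    counts = defaultdict(int)
    for event in events:
        counts[(event["src_ip"], event["type"])] += 1
    return dict(counts)

def correlate(events, threshold=3):
    """Cross-device rule: one source both denied at the firewall and failing
    authentication on a server at least `threshold` times."""
    by_src = defaultdict(list)
    for event in events:
        by_src[event["src_ip"]].append(event)
    alerts = []
    for src, evs in sorted(by_src.items()):
        fails = [e for e in evs if e["type"] == "auth_fail"]
        denies = [e for e in evs if e["type"] == "fw_deny"]
        if len(fails) >= threshold and denies:
            alerts.append({"rule": "auth_failures_after_fw_deny", "src_ip": src,
                           "severity": "high" if evs[0]["blacklisted"] else "medium",
                           "evidence": fails + denies})  # shipped with the alert
    return alerts

def run_pipeline(raw_logs, blacklist):
    parsed = [normalize(device, line) for device, line in raw_logs]
    events = enrich(deduplicate([e for e in parsed if e is not None]), blacklist)
    return {"unparsed": parsed.count(None), "events": events,
            "counts": aggregate(events), "alerts": correlate(events)}

if __name__ == "__main__":
    for alert in run_pipeline(RAW_LOGS, BLACKLIST)["alerts"]:
        print(alert["severity"], alert["rule"], alert["src_ip"], len(alert["evidence"]))
```

Counting unparsed lines instead of discarding them silently matters in practice: a device whose log format changes would otherwise disappear from correlation without anyone noticing.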
Who needs this solution
• Capital Market
• Credit Data Law
• Superintendent of Insurance
• SOC2 - Cloud companies that hold customer information
• PCI - Companies that perform credit card transactions required to correct
• HIPAA - Companies must meet HIPAA regulation - drug companies and HMOs
Why CYBERShark?
• Your network & data are critical to your success
• The characteristics of cyber threats are known:
• Unusual outbound network traffic/data exfiltration
• Anomalies in privileged-user account activity
• Large numbers of requests for the same file
• Geographical irregularities
• Database extractions (SQL injection)
• Sweep Scans & event log alterations
• But these Indicators of Compromise (IoC) cannot be reliably detected
by localized security measures like firewalls and IDS/IPS systems!
• You need CYBERShark to watch your entire network
HOW CYBERSHARK PROTECTS YOU
• The alerts we send you don’t just tell you that there’s a problem, they
tell you how to handle it:
• Identification of the specific threat
• Remediation steps to fix the problem (device-specific)
• All supporting evidence provided in the alert
• The customer portal lets you view your own network security posture
at a glance
• You get access to comprehensive reporting for security and
regulatory compliance
• Compliance reports identify the specific regulatory issues at stake due to a
threat (HIPAA, PCI, GPG13 and more)
Contact Us
WWW.CEI.CO.IL
Salo 052-3653227 salo@cei.co.il
Sharon 054-5680114 sharon@cei.co.il

Information security log management system, anomaly detection, control center and recommended remediation, SIEM as a Service
