1 | © 2019 Palo Alto Networks. All Rights Reserved.
Cortex Secures the Future
Reinventing Security Operations

How to use this deck
This deck is a modular master deck for customer meetings. Most meetings focus on either Cortex XDR or Demisto (not both), so make a copy and cut the slides down to what the specific meeting needs.
To create your own copy to customize, use File -> "Make a copy".
Standalone decks with additional product slides:
• Cortex XDR
• Demisto

Emerging Challenges in Security Operations

As threats escalate, SecOps is more important than ever
[Timeline figure, 1998 to present, with axis marks at 1998, 2004, 2007, 2010, 2013, 2016 and Present. Plotted events: Morris Worm (1998); a space agency breach; 134M credit cards stolen; breaches of 1.6M, 2M, 2.9M, 77M, 95M, 110M, 143M, 145M, 147M, 150M, 200M and 412M records, 500M guest records and 2B records stolen. New malicious programs registered per period: 47M, 182M, 600M, 925M+. Threat categories in chronological order: malicious code, Trojans, worms, viruses; identity theft, phishing, mobile viruses, DNS attacks, botnets, sabotage, anti-spam, SQL attacks; social engineering, DDoS attacks, malicious email, ransomware, botnets; banking malware, keyloggers, ransomware, botnets; ransomware, cryptominers, certificate attacks, Bitcoin wallets, Android hacks; insider threats, cyberwarfare, fileless attacks, automated & AI attacks, cloud migration, S3 buckets.]

Why security teams struggle
• Too many alerts: 174k alerts per week
• Limited context: 30+ point products
• Lack of time: 4+ days to complete an investigation

The reality (and complexity) of security operations
[Figure labelled "News & Alerts".]

How SecOps must transform to reduce risk
Maturity: Low (Reactive) -> Medium -> High (Proactive). Higher maturity is positioned as higher efficiency and lower MTTD/MTTR and risk.
• Detection: rule-based -> correlated rule-based -> analytics-based
• Context: log aggregation -> siloed data collection -> integrated rich data
• Automation: none -> partial -> full

Our Unique Approach

Traditional Approach to the SOC Isn't Working
• Log repository
• Rules
• Reactive investigation
• Manual processes in the SOC

Our Unique Approach With Cortex
• Good data
• Analytics
• Proactive response
• Automation

Reinventing SecOps with Cortex
• Cortex XDR Prevent & Next-Generation Firewall: prevent everything you can
• Cortex XDR Pro: everything you can't prevent, detect and investigate fast
• Demisto: automate response and get smarter with each incident

Reinventing SecOps with Cortex
• Endpoint protection
• ML-based threat detection
• Investigation & response
• Case management
• Real-time collaboration
• Security orchestration and automation
• Threat intelligence

Use Case: Endpoint Protection

The Problem: Endpoint infections continue despite best efforts
• Legacy endpoint security has failed: legacy EPPs can't keep up with advanced threats and burden local systems
• Endpoint detection & response is limited: EDR is locked to the endpoint and lacks a solution for unmanaged devices
• Siloed network & endpoint protection: current approaches do not share protections between different parts of the enterprise

Our Approach: Best-in-class endpoint protection
Before (attack chain):
• Phishing email and credentials stolen
• Login using RPC and download malware
• Exploit local vulnerabilities
• Infect local endpoint and prepare for exfiltration
• Lateral movement and data exfiltration
After (controls along the chain):
• Exploit prevention based on technique
• Malware protection trained by WildFire
• Exploit prevention based on technique
• Behavioral Threat Protection (BTP)
• Investigate & respond with Cortex XDR

Key Differentiators: Best-in-class prevention
• Prevent all threats: stop advanced threats with machine learning, behavioral protection, and exploit mitigation
• Enterprise-wide detection & response: find, investigate and stop all attacks across network, endpoint and cloud assets
• Shared protections: share protections across network, endpoint, and a global community of users

Use Case: Threat Detection

The Problem: Too many false positives and missed attacks
• You can't prevent all attacks: sophisticated attacks and insider abuse can bypass controls
• Anomaly detection is not a "human" job: detecting anomalies requires analyzing a comprehensive data set
• Detection yields too many false positives: teams waste time and miss threats chasing low-context false positive alerts

Our Approach: ML-based threat detection
Before: network, endpoint and cloud data are collected in separate silos, each with its own detection, and a human correlates the resulting alerts.
After: endpoint, network and cloud data are integrated into one data set; ML-based behavior analytics and custom rules run over it and produce high-signal alerts.

Key differentiators: Find advanced attacks with analytics
• Full visibility to detect complex threats: eliminate blind spots across network, endpoint, and cloud
• Patented behavioral analytics technology: find hidden threats with a patented machine learning framework
• Industry-leading attack coverage: detects the most attack techniques according to MITRE ATT&CK evaluations

Use Case: Investigation & Response

The Problem: Threat containment takes too long
• Limited context across multiple alerts: analysts have to review each alert individually
• Finding root cause takes too long: by the time you find root cause, the attack has progressed
• Investigations are highly manual: teams must manually piece together data from siloed tools and data sources

Investigation & response with XDR
Before: separate alerts from NTA, EPP, TI, NGFW and UEBA, each reviewed on its own.
After: related alerts from those same sources are grouped into incidents. Example: a phishing alert tied to the process chain Chrome.exe -> cmd.exe -> powershell.exe -> wscript.exe -> 7zFM.exe.
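The alert grouping shown on this slide, as an added example that is not Cortex XDR code or Palo Alto Networks' algorithm: a small Python routine walks a process tree from each alerted process up to its causality root (the first process below a benign launcher such as explorer.exe) and merges every alert that shares a root into one incident, keeping the deepest process chain as the incident's story. The process events, the alerts, the sensor names and the benign-launcher list are constructed assumptions for illustration.

```python
"""Group related alerts into one incident by process-tree causality.

Added example; not Cortex XDR code. Events, alerts and the benign-launcher
list below are constructed for illustration, and the field names are assumptions.
"""

# Constructed process-start events: (pid, ppid, image, host).
PROCESS_EVENTS = [
    (100, 1,   "explorer.exe",   "WS01"),
    (200, 100, "Chrome.exe",     "WS01"),
    (300, 200, "cmd.exe",        "WS01"),
    (400, 300, "powershell.exe", "WS01"),
    (500, 400, "wscript.exe",    "WS01"),
    (600, 500, "7zFM.exe",       "WS01"),
    (700, 100, "outlook.exe",    "WS01"),   # benign sibling branch, no alerts
    (800, 1,   "svchost.exe",    "WS02"),
]

# Constructed alerts from different sensors; each names the process it fired on.
ALERTS = [
    {"id": "A1", "source": "Email", "name": "Phishing URL clicked", "host": "WS01", "pid": 200},
    {"id": "A2", "source": "EPP", "name": "Suspicious PowerShell command line", "host": "WS01", "pid": 400},
    {"id": "A3", "source": "NTA", "name": "Download from low-reputation domain", "host": "WS01", "pid": 500},
    {"id": "A4", "source": "EDR", "name": "Archive tool spawned by script host", "host": "WS01", "pid": 600},
    {"id": "A5", "source": "EPP", "name": "Unsigned service binary", "host": "WS02", "pid": 800},
]

# Assumption: these images launch user activity but are not themselves the cause
# of it, so the causality root is the first process *below* them.
BENIGN_LAUNCHERS = {"explorer.exe", "services.exe", "winlogon.exe"}


def build_tree(events):
    """Index process-start events as (host, pid) -> (ppid, image)."""
    return {(host, pid): (ppid, image) for pid, ppid, image, host in events}


def ancestry(tree, host, pid):
    """Walk from the alerted process up to its causality root.

    Returns [(pid, image), ...] starting at the alerted process; the last entry
    is the root. The walk stops below an unknown parent or a benign launcher.
    """
    chain, seen, cur = [], set(), pid
    while (host, cur) in tree and cur not in seen:
        seen.add(cur)                      # guard against malformed cyclic data
        ppid, image = tree[(host, cur)]
        chain.append((cur, image))
        parent = tree.get((host, ppid))
        if parent is None or parent[1] in BENIGN_LAUNCHERS:
            break
        cur = ppid
    return chain


def group_incidents(alerts, events):
    """Merge alerts that share a causality root into one incident per (host, root pid)."""
    tree = build_tree(events)
    incidents = {}
    for alert in alerts:
        chain = ancestry(tree, alert["host"], alert["pid"])
        if chain:
            root_pid, root_image = chain[-1]
            images = [img for _, img in reversed(chain)]   # root -> alerted process
        else:                                              # process never seen: keep it separate
            root_pid, root_image, images = alert["pid"], None, []
        inc = incidents.setdefault((alert["host"], root_pid), {
            "host": alert["host"], "root_cause": root_image,
            "alerts": [], "sources": set(), "process_chain": [],
        })
        inc["alerts"].append(alert["id"])
        inc["sources"].add(alert["source"])
        if len(images) > len(inc["process_chain"]):      # keep the deepest path as the story
            inc["process_chain"] = images
    return list(incidents.values())


if __name__ == "__main__":
    for inc in group_incidents(ALERTS, PROCESS_EVENTS):
        print(inc["host"], inc["root_cause"], " -> ".join(inc["process_chain"]), inc["alerts"])
```

With the constructed data, five alerts from four sensors collapse into two incidents: the four WS01 alerts all trace back to Chrome.exe and share the chain on the slide, while the WS02 alert stays its own incident because it shares no ancestor with them. Real telemetry needs process GUIDs rather than reused PIDs, and the benign-launcher list is the policy knob that decides where a chain is cut.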

Key Differentiators: Cut investigation & response time
• Intelligent alert grouping: turn multiple related alerts into one incident
• Automated root cause analysis: easily understand the source and progression of attacks
• Data integration for full visibility: unify network, endpoint, and cloud data to streamline analysis

Use Case: Phishing Response (Demisto)

The Problem: Phishing response is hard
• High alert volumes: phishing attacks are frequent, easy to execute, and act as the entry vector for most security attacks
• Ever-present and growing: 95% of all attacks on enterprise networks are a result of spear phishing [1]
• Disjointed processes: security teams must coordinate across email inboxes, threat intel, NGFW, ticketing, and other tools for phishing response
[1] Source: https://www.networkworld.com/article/2164139/network-security/how-to-blunt-spear-phishing-attacks.htm

Our Approach: Phishing response
Before: an analyst manually triages each reported email, checking indicator reputation against threat intelligence, collecting context from the SIEM, detonating the file in malware analysis and quarantining with EDR, then raising severity and opening a ticket by hand.
After (playbook):
• Ingest: extract IP, domain and attachment indicators from the email
• Enrich: query SIEM, threat intelligence and sandbox
• Respond: set severity, open a ticket, act on the mail
• Inform: hand the enriched incident to the analyst
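The Ingest/Enrich/Respond/Inform flow above, as an added example that is not Demisto's playbook engine or Palo Alto Networks code: a Python triage routine parses a constructed phishing email with the standard library, extracts the sender domain, URLs and attachment hashes, enriches them against constructed threat-intel and sandbox verdict tables (stand-ins for the integrations a real playbook would call), scores a severity and returns the response actions an orchestrator would push to the mail gateway, firewall and ticketing system. The message, the tables, the severity rule, the risky-extension list and the action names are all assumptions.

```python
"""Automated phishing triage: ingest -> extract -> enrich -> respond -> inform.

Added example; not Demisto code. The email, threat-intel table and sandbox
verdicts are constructed stand-ins for the integrations a playbook would call.
"""
import hashlib
import re
from email import message_from_bytes
from email.policy import default
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed phishing message: lookalike sender, credential-harvest URL, script attachment.
RAW_EMAIL = b"""From: "IT Helpdesk" <helpdesk@corp-it-support.example>
To: alice@corp.example
Subject: Password expiry notice
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Your password expires today. Reset it at http://login.corp-it-support.example/reset
--b1
Content-Type: application/octet-stream; name="invoice.js"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="invoice.js"

dmFyIHMgPSAiZXZpbCI7
--b1--
"""

# Constructed stand-in for a threat-intel lookup: domain -> verdict.
THREAT_INTEL = {"corp-it-support.example": "malicious",
                "login.corp-it-support.example": "malicious",
                "corp.example": "benign"}
# Constructed stand-in for sandbox verdicts keyed by SHA-256 of the file.
SANDBOX = {hashlib.sha256(b'var s = "evil";').hexdigest(): "malicious"}
SCRIPT_EXTENSIONS = (".js", ".vbs", ".hta", ".exe", ".scr")   # assumption: treated as risky


def extract_indicators(raw):
    """Ingest: parse the message and pull out sender domain, URLs/domains and attachment hashes."""
    msg = message_from_bytes(raw, policy=default)
    sender = parseaddr(str(msg["From"]))[1]
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    urls = re.findall(r"https?://[^\s<>\"']+", text)
    domains = {urlparse(u).hostname for u in urls} - {None}
    attachments = []
    for part in msg.iter_attachments():
        data = part.get_content()
        data = data.encode() if isinstance(data, str) else data
        attachments.append({"filename": part.get_filename() or "unnamed",
                            "sha256": hashlib.sha256(data).hexdigest()})
    return {"sender_domain": sender.rsplit("@", 1)[-1].lower(), "urls": urls,
            "domains": sorted(domains), "attachments": attachments}


def enrich(ind):
    """Enrich: look every domain and attachment hash up in the (constructed) intel sources."""
    return {
        "domains": {d: THREAT_INTEL.get(d, "unknown") for d in [ind["sender_domain"], *ind["domains"]]},
        "attachments": {a["sha256"]: SANDBOX.get(a["sha256"], "unknown") for a in ind["attachments"]},
    }


def score(ind, verdicts):
    """Severity rule (assumption): malicious file > malicious domain > risky extension > nothing."""
    if "malicious" in verdicts["attachments"].values():
        return "Critical"
    if "malicious" in verdicts["domains"].values():
        return "High"
    if any(a["filename"].lower().endswith(SCRIPT_EXTENSIONS) for a in ind["attachments"]):
        return "Medium"
    return "Low"


def respond(ind, verdicts, severity):
    """Respond/Inform: turn verdicts into the actions a playbook would push to other tools."""
    if severity == "Low":
        return [{"action": "close", "reason": "no malicious indicators"}]
    actions = [{"action": "quarantine_email", "sender_domain": ind["sender_domain"]}]
    actions += [{"action": "block_domain", "domain": d} for d, v in verdicts["domains"].items() if v == "malicious"]
    actions += [{"action": "block_hash", "sha256": h} for h, v in verdicts["attachments"].items() if v == "malicious"]
    actions += [{"action": "open_ticket", "severity": severity},
                {"action": "notify_analyst", "severity": severity}]
    return actions


def triage(raw):
    """Run the whole playbook over one raw message and return the incident record."""
    ind = extract_indicators(raw)
    verdicts = enrich(ind)
    severity = score(ind, verdicts)
    return {"severity": severity, "indicators": ind, "verdicts": verdicts,
            "actions": respond(ind, verdicts, severity)}


if __name__ == "__main__":
    incident = triage(RAW_EMAIL)
    print(incident["severity"], [a["action"] for a in incident["actions"]])
```

The point of the structure is that each stage is a pure function over the incident record, so swapping the constructed tables for real API calls (a threat-intel feed, a sandbox submission, a ticketing system) changes `enrich` and `respond` only, and the severity rule stays reviewable in one place. Hashing the decoded attachment rather than the base64 text is what makes the sandbox lookup match.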

Key Differentiators: Automate and standardize phishing response
• Product integrations: Demisto integrates with all security tools commonly used for phishing enrichment and response
• Automated actions: 1000s of automated actions across security tools make scalable phishing response a reality
• Intuitive response playbooks: OOTB and custom task-based workflows enable security teams to coordinate across teams, products, and infrastructures

Use Case: IT and Security Process Automation (Demisto)

The Problem: Processes are disjointed
• Team silos: managing and responding to security incidents involves end users, the IT team, the NOC team, and other stakeholders
• Lack of metrics: security teams lack the time, flexibility, and centralized data to visualize relevant metrics and track performance
• Shifting context: coordinating across security tools involves shifting context, leading to rework and fragmented documentation

Our Approach: Security processes
Before: the security analyst pulls data from and pushes actions to SIEM, email, ticketing, EDR and threat intel one tool at a time, and coordinates separately with the firewall admin, the IT team and DevOps.
After: alert sources (SIEM, vulnerability management, email, cloud alerts) are ingested into one console, and the security analyst enriches and responds through point products and other teams from there.

Key Differentiators: Centralized incident management with security context
• Cross-team communication: communicate with end users, security teammates, and other teams, both in real time and through automated tasks
• Granular dashboards: view cross-sections of incident, indicator, and analyst data with custom, widget-driven dashboards and reports
• Security-focused context: ingest all security alerts for a centralized view and context across the incident response lifecycle

Cortex XDR Detection & Response

Cortex XDR breaks down silos to stop all attacks
● Best-in-class prevention
● Most comprehensive security data asset
● Continuous ML-based detection
● Automated root-cause analysis
● Integrated response for network and endpoint

Key differentiators: Gain enterprise-scale visibility
Cortex XDR sits on top of the Cortex Data Lake, which collects network, endpoint, cloud and third-party data.

Cortex XDR: Breaking Down Data and Product Silos
Endpoint protection (EPP), endpoint detection & response (EDR), network traffic analysis (NTA) and user behavior analytics (UBA) converge into one product: prevention, detection and response across endpoint, network and cloud data.

XDR: Imitation is the Sincerest Form of Flattery

Best-in-class prevention with the Cortex XDR agent
• Complete malware prevention: high-fidelity local malware prevention trained by WildFire
• Uncover and stop complex attacks: analyzes multiple behaviors together to flag complex attacks
• Superior exploit protection: stop attacks based on exploit techniques

Continuous ML-based detection
• High-signal alerts: find stealthy threats with ML and behavioral analytics
• Simplified hunting: quickly find new threats with complete evidence and powerful searches
• Custom rules: constantly improve detection with custom behavioral rules

Key differentiators: Supercharge Investigation & Response
• Unified incident engine: intelligently group related alerts into one incident
• Automated root cause analysis: reveal the root cause of attacks in one click
• Integrated response: quick actions to contain attacks or run custom forensics

Cortex XDR MITRE ATT&CK coverage
Attack technique coverage by vendor:
• Palo Alto Networks: 88%
• Cybereason: 78%
• Microsoft: 77%
• CrowdStrike: 77%
• SentinelOne: 74%
• Endgame: 74%
• Carbon Black: 74%
• FireEye: 70%
• Countertack: 57%
• RSA: 55%
Scored higher than all other vendors, with 93% fewer misses.

Augment your team with Cortex MDR partners
Achieve the full potential of Cortex XDR at any maturity level with trusted partners.

"The relief of knowing we are seeing actual viable data, information we could react to, and incidents we could follow up on. Now we can be ahead of the situation."
Greg Biegen, Director of Information Security at Cherwell Software

Summary: Cortex XDR value
Reduce risk of a breach, increase SecOps efficiency, and maximize investments:
• Cut detection & response times 8x
• Reduce alerts 50x with alert grouping
• Lower TCO by 44%

Demisto: Security Orchestration, Automation, and Response

What is SOAR? Security Orchestration, Automation, and Response
• Orchestration: playbooks, runbooks and workflows; a logically organized plan of action; controlling and activating the security product stack from a central location
• Automation: automated scripts; extensible product integrations; machine execution of playbook tasks
• Response: case management; analysis and reporting; communication and collaboration

Respond, automate, and manage with Demisto
Alert sources feed three functions:
• Respond and automate: playbook-based orchestration with 300+ vendor integrations
• Manage incidents: ingest, search and query all security incidents
• Collaborate and learn: collaborate with other security analysts

Why Demisto? Demisto is a workflow automation engine
Respond to incidents with speed and scale:
• 100s of product integrations
• 1000s of security actions
• Visual playbook editor

Why Demisto? Demisto is a security ticketing system
Standardize process across products, teams and use cases:
• Ingest, search, and query all security alerts
• SLA/metric tracking
• Dashboards and reporting

Why Demisto? Demisto is a collaboration platform
Improve investigation quality by working together:
• Virtual War Room
• Real-time security actions
• Auto-documentation

Before Demisto
• Lack of defined process
• Disparate alert sources
• Repetitive and manual actions
• Lack of product interconnectivity

After Demisto
• Standardized and enforceable processes
• All alerts flowing into one console
• Automated high-quantity actions
• Cross-product coordination

Breadth of Demisto use-cases
Use cases: security operations, incident management, phishing response, cloud security, vulnerability management, OT.
Alert sources: SIEM and analytics, EDR, cloud security alerts, vulnerability scanners, email, ticketing.
Enrich and respond: threat intelligence, EDR, malware analysis, email/web gateways, ticketing.

Breadth of Demisto integrations
Analytics and SIEM, threat intelligence, malware analysis, endpoint, network security, authentication, email gateway, ticketing, messaging, cloud, and more.

"Demisto's process modularity and automation has helped us stay agile as we onboard new technologies. Demisto is really the constant 'sheet music' that keeps our security orchestra going."
Sean Hastings, Senior Information Security Analyst

Demisto value
• Standardize and scale processes
• Coordinate actions across security products
• Lower response times with automation
Real stats from Demisto customers:
• Reduced weekly alerts from 10,000 to 500
• Reduced response times from 3 days to 25 minutes
• Automated 30% of incidents, saving 1 FTE of time

"Launched in 2015, Demisto rapidly became one of the most visible security orchestration, automation and response (SOAR) vendors, outshining vendors launched years earlier. An early focus on user interface (and not just the APIs), its inclusion of machine learning, usable Slack integration, and sizable stable of out-of-the-box integration with tools and online services makes it a popular SOAR tool."
Anton Chuvakin, Ex-Research VP, Gartner
Demisto maps to all of Gartner's recommended capabilities for SOAR vendors. (View full PDF)
Gartner "Cool Vendor" in Security Operations and Vulnerability Management, 2018

Palo Alto Networks: Better Together

SECURE THE ENTERPRISE

The world's leading cybersecurity company
• 60,000+ customers in 150+ countries
• 85 of the Fortune 100 rely on Palo Alto Networks
• 63% of the Global 2K are Palo Alto Networks customers
• Revenue trend: 40% CAGR, FY14 to FY18
• #1 in enterprise security (Gartner, Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 1Q18, 14 June 2018)
• 28% year-over-year revenue growth (Q4 FY2018; fiscal year ends July 31)
• 9.1/10 average CSAT score

Next steps
• Get a hassle-free Cortex XDR demo
• Take Demisto for a spin

Thank You
paloaltonetworks.com
Email: name@paloaltonetworks.com
Twitter: @PaloAltoNtwks

Cortex XDR 2.0 product tiers
• Cortex XDR Prevent: complete endpoint protection
• Cortex XDR Pro: comprehensive prevention, detection, investigation, and response
30 days of Cortex Data Lake retention included

What is Demisto?
• Standardize process: visual playbook editor, task-based workflows, SLA & metric tracking; respond to incidents the same way every time
• Reduce risk: auto-documentation, dashboards & reports, improved ROI; reduce business and security risk
• Accelerate response: thousands of security actions, hundreds of integrations, cross-correlations; respond to incidents with speed and scale
• Collaborate & learn: Investigation Canvas, Virtual War Room, machine learning; improve investigation quality by working together
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
 

More from Prime Infoserv

Face Recognition under COVID19 crisis
Face Recognition under COVID19 crisisFace Recognition under COVID19 crisis
Face Recognition under COVID19 crisisPrime Infoserv
 
Face Chk - Face Recognition
Face Chk - Face RecognitionFace Chk - Face Recognition
Face Chk - Face RecognitionPrime Infoserv
 
Data Protection and E-contracting
Data Protection and E-contractingData Protection and E-contracting
Data Protection and E-contractingPrime Infoserv
 
Remote Workforces Secure by Barracuda
Remote Workforces Secure by BarracudaRemote Workforces Secure by Barracuda
Remote Workforces Secure by BarracudaPrime Infoserv
 
Trend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marTrend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marPrime Infoserv
 
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend MicroRoadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend MicroPrime Infoserv
 
IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilientPrime Infoserv
 
DLP solution - InDefend in WFH Situations
DLP solution - InDefend in WFH SituationsDLP solution - InDefend in WFH Situations
DLP solution - InDefend in WFH SituationsPrime Infoserv
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XPrime Infoserv
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
Corporate Presentation - Netmagic
Corporate Presentation - NetmagicCorporate Presentation - Netmagic
Corporate Presentation - NetmagicPrime Infoserv
 
Teamwork with Microsoft Teams
Teamwork  with Microsoft TeamsTeamwork  with Microsoft Teams
Teamwork with Microsoft TeamsPrime Infoserv
 
Windows Virtual Desktop Customer benefits
Windows Virtual Desktop Customer benefitsWindows Virtual Desktop Customer benefits
Windows Virtual Desktop Customer benefitsPrime Infoserv
 
Email Security – Everyone is a Target
Email Security – Everyone is a TargetEmail Security – Everyone is a Target
Email Security – Everyone is a TargetPrime Infoserv
 
BCM Webinar presentation
BCM Webinar presentationBCM Webinar presentation
BCM Webinar presentationPrime Infoserv
 
Phishing Simulation By Shield Alliance
Phishing Simulation By Shield AlliancePhishing Simulation By Shield Alliance
Phishing Simulation By Shield AlliancePrime Infoserv
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watsonPrime Infoserv
 

More from Prime Infoserv (20)

Face Recognition under COVID19 crisis
Face Recognition under COVID19 crisisFace Recognition under COVID19 crisis
Face Recognition under COVID19 crisis
 
Face Chk - Face Recognition
Face Chk - Face RecognitionFace Chk - Face Recognition
Face Chk - Face Recognition
 
Data Protection and E-contracting
Data Protection and E-contractingData Protection and E-contracting
Data Protection and E-contracting
 
Remote Workforces Secure by Barracuda
Remote Workforces Secure by BarracudaRemote Workforces Secure by Barracuda
Remote Workforces Secure by Barracuda
 
Trend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marTrend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 mar
 
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend MicroRoadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
Roadmap of Cyber-security from On-Prem to Cloud Journey - Trend Micro
 
IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilient
 
DLP solution - InDefend in WFH Situations
DLP solution - InDefend in WFH SituationsDLP solution - InDefend in WFH Situations
DLP solution - InDefend in WFH Situations
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield X
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
Corporate Presentation - Netmagic
Corporate Presentation - NetmagicCorporate Presentation - Netmagic
Corporate Presentation - Netmagic
 
Teamwork with Microsoft Teams
Teamwork  with Microsoft TeamsTeamwork  with Microsoft Teams
Teamwork with Microsoft Teams
 
Microsoft Teams-flyer
Microsoft Teams-flyerMicrosoft Teams-flyer
Microsoft Teams-flyer
 
Windows Virtual Desktop Customer benefits
Windows Virtual Desktop Customer benefitsWindows Virtual Desktop Customer benefits
Windows Virtual Desktop Customer benefits
 
Email Security – Everyone is a Target
Email Security – Everyone is a TargetEmail Security – Everyone is a Target
Email Security – Everyone is a Target
 
BCM Webinar presentation
BCM Webinar presentationBCM Webinar presentation
BCM Webinar presentation
 
FireEye Portfolio
FireEye PortfolioFireEye Portfolio
FireEye Portfolio
 
Phishing Simulation By Shield Alliance
Phishing Simulation By Shield AlliancePhishing Simulation By Shield Alliance
Phishing Simulation By Shield Alliance
 
FireEye Solutions
FireEye SolutionsFireEye Solutions
FireEye Solutions
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watson
 

Recently uploaded

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

PaloAlto Enterprise Security Solution

  • 6. 6 | © 2019 Palo Alto Networks. All Rights Reserved. The reality (and complexity) of security operations NEWS & ALERTS
  • 7. 7 | © 2019 Palo Alto Networks. All Rights Reserved. Low (Reactive) How SecOps must transform to reduce risk Medium High (Proactive) EFFICIENCY MTTR/MTTD & RISK Maturity Detection RULE-BASED CORRELATED RULE-BASED ANALYTICS-BASED Context LOG AGGREGATION SILOED DATA COLLECTION INTEGRATED RICH DATA Automation NONE PARTIAL FULL
  • 8. 8 | © 2019 Palo Alto Networks. All Rights Reserved. Our Unique Approach
  • 9. 9 | © 2019 Palo Alto Networks. All Rights Reserved. Log repository Rules Reactive investigation SOC Manual Processes 9 | © 2019 Palo Alto Networks, Inc. All Rights Reserved. Traditional Approach to the SOC Isn’t Working
  • 10. 10 | © 2019 Palo Alto Networks. All Rights Reserved. Good data Analytics Proactive response Automation 10 | © 2019 Palo Alto Networks, Inc. All Rights Reserved. Our Unique Approach With Cortex
  • 11. 11 | © 2019 Palo Alto Networks. All Rights Reserved. Reinventing SecOps with Cortex Cortex XDR Prevent & Next-Generation Firewall Prevent everything you can Cortex XDR Pro Everything you can’t prevent, detect and investigate fast Demisto Automate response and get smarter with each incident
  • 12. 12 | © 2019 Palo Alto Networks. All Rights Reserved. Endpoint protection ML-based threat detection Investigation & response Case management Real-time collaboration Security orchestration and automation Threat intelligence Reinventing SecOps with Cortex
  • 13. 13 | © 2019 Palo Alto Networks. All Rights Reserved. Use Case: Endpoint Protection
  • 14. 14 | © 2019 Palo Alto Networks. All Rights Reserved. Legacy EPPs can’t keep up with advanced threats and burden local systems The Problem: Endpoint infections continue despite best efforts Legacy Endpoint Security Has Failed Endpoint Detection & Response is Limited EDR is locked to the endpoint and lacks a solution for unmanaged devices Siloed Network & Endpoint Protection Current approaches do not share protections between different parts of the enterprise
  • 15. 15 | © 2019 Palo Alto Networks. All Rights Reserved. Before After Our Approach: Best-in-class endpoint protection Phishing email and credentials stolen Login using RPC and download malware Exploit local vulnerabilities Infect local endpoint and prepare for exfiltration Lateral movement and data exfiltration Exploit prevention based on technique Malware protection trained by WildFire Exploit prevention based on technique Behavioral Threat Protection (BTP) Investigate & respond with Cortex XDR
  • 16. 16 | © 2019 Palo Alto Networks. All Rights Reserved. Stop the advanced threats with machine learning, behavioral protection, and exploit mitigation Key Differentiators: Best-in-class prevention Prevent All Threats Enterprise-wide Detection & Response Find, investigate and stop all attacks across network, endpoint and cloud assets Shared Protections Share protections across network, endpoint, and a global community of users
  • 17. 17 | © 2019 Palo Alto Networks. All Rights Reserved. Use Case: Threat Detection
  • 18. 18 | © 2019 Palo Alto Networks. All Rights Reserved. Sophisticated attacks & insider abuse can bypass controls The Problem: Too many false positives and missed attacks You Can’t Prevent All Attacks Anomaly Detection is not a “Human” Job Detecting anomalies requires analyzing a comprehensive data set Detection Yields Too Many False Positives Teams waste time and miss threats chasing low-context false positive alerts
  • 19. 19 | © 2019 Palo Alto Networks. All Rights Reserved. Our Approach: ML-based threat detection Before After Data Network Endpoint Network Human Correlation Endpoint Cloud Cloud Detection Detection Detection Data Data Data Data Data High-signal Alerts ML-based Behavior Analytics Custom Rules Data Data Endpoint NetworkCloud Data Integrated data
  • 20. 20 | © 2019 Palo Alto Networks. All Rights Reserved. Eliminate blind spots across network, endpoint, and cloud Key differentiators: Find advanced attacks with analytics Full Visibility To Detect Complex Threats Patented Behavioral Analytics Technology Find hidden threats with patented Machine Learning framework Industry-leading Attack Coverage Detect the most attack techniques according to MITRE ATT&CK evaluations
  • 21. 21 | © 2019 Palo Alto Networks. All Rights Reserved. Use Case: Investigation & Response
  • 22. 22 | © 2019 Palo Alto Networks. All Rights Reserved. Analysts have to review each alert individually The Problem: Threat containment takes too long Limited Context Across Multiple Alerts Finding Root Cause Takes Too Long By the time you find root cause, the attack has progressed Investigations Are Highly Manual Teams must manually piece together data from siloed tools & data sources
  • 23. 23 | © 2019 Palo Alto Networks. All Rights Reserved. Investigation & response with XDR Before After NTA NTAEPP TI NGFW UEBA NGFWEPP TI UEBA Related alerts grouped into Incidents Phishing alert Chrome.exe cmd.exe powershell.exe wscript.exe7zFM.exe
  • 24. 24 | © 2019 Palo Alto Networks. All Rights Reserved. Turn multiple related alerts into one incident Key Differentiators: Cut investigation & response time Intelligent Alert Grouping Automated Root Cause Analysis Easily understand the source and progression of attacks Data Integration For Full Visibility Unify network, endpoint, and cloud data to streamline analysis
  • 25. 25 | © 2019 Palo Alto Networks. All Rights Reserved. Use Case: Phishing Response (Demisto)
  • 26. 26 | © 2019 Palo Alto Networks. All Rights Reserved. Phishing attacks are frequent, easy to execute, and act as the entry vector for most security attacks The Problem: Phishing response is hard High Alert Volumes Ever-Present and Growing 95% of all attacks on enterprise networks are a result of spear phishing1 Disjointed Processes Security teams must coordinate across email inboxes, threat intel, NGFW, ticketing, and other tools for phishing response 1 Source: https://www.networkworld.com/article/2164139/network-security/how-to-blunt-spear-phishing-attacks.htm
  • 27. 27 | © 2019 Palo Alto Networks. All Rights Reserved. Before After Check indicator reputation Collect context Detonate file Quarantine Threat Intelligence SIEM Malware Analysis EDR Manual triage Email Security Analyst Raise severity Open Ticket Email Extract SIEM Threat Intelligence Sandbox IP, domain, attachment SeverityTicketing Mail Ingest Enrich Respond Inform Analyst Our Approach: Phishing response
  • 28. 28 | © 2019 Palo Alto Networks. All Rights Reserved. Demisto integrates with all security tools commonly used for phishing enrichment and response Key Differentiators: Automate and standardize phishing response Product Integrations Automated Actions 1000s of automated actions across security tools make scalable phishing response a reality Intuitive Response Playbooks OOTB and custom task-based workflows enable security teams to coordinate across teams, products, and infrastructures
  • 29. 29 | © 2019 Palo Alto Networks. All Rights Reserved. Use Case: IT And Security Processes Automation (Demisto)
  • 30. 30 | © 2019 Palo Alto Networks. All Rights Reserved. Managing and responding to security incidents involves end users, IT team, NOC team, and other stakeholders The Problem: Processes are disjointed Team Silos Lack of Metrics Security teams lack the time, flexibility, and centralized data to visualize relevant metrics and track performance Shifting Context Coordinating across security tools involves shifting context, leading to rework and fragmented documentation
  • 31. 31 | © 2019 Palo Alto Networks. All Rights Reserved. Our Approach: Security processes Before After Security Analyst SIEM Email Ticketing Data Action Data Action EDR Data Action Threat Intel Firewall Admin IT Team DevOps Alert Sources SIEM Vuln. Mgmt. Email Cloud Alerts Ingest Security Analyst Enrich and Respond Other TeamsPoint Products
  • 32. 32 | © 2019 Palo Alto Networks. All Rights Reserved. Communicate with end users, security teammates, and other teams, both in real-time and through automated tasks Key Differentiators: Centralized incident management with security context Cross-team Communication Granular Dashboards View cross-sections of incident, indicator, and analyst data with custom, widget-driven dashboards and reports Security Focused Context Ingest all security alerts for centralized view and context across the incident response lifecycle
  • 33. 33 | © 2019 Palo Alto Networks. All Rights Reserved. Cortex XDR Detection & Response
  • 34. 34 | © 2019 Palo Alto Networks. All Rights Reserved. ● Best-in-class prevention ● Most comprehensive security data asset ● Continuous ML-based detection ● Automated root-cause analysis ● Integrated response for network and endpoint Cortex XDR breaks down silos to stop all attacks
  • 35. 35 | © 2019 Palo Alto Networks. All Rights Reserved. Key differentiators: Gain enterprise-scale visibility Cortex XDR Cortex Data Lake Network Endpoint Third-Party DataCloud
  • 36. 36 | © 2019 Palo Alto Networks. All Rights Reserved. Cortex XDR: Breaking Down Data and Product Silos User Behavior Analytics Endpoint Protection Network Traffic Analysis Endpoint Detection & Response Prevention, Detection and Response Across Endpoint, Network & Cloud Data EPP UBAEDR NTA
  • 37. XDR: Imitation is the Sincerest Form of Flattery
  • 38. Best-in-class prevention with the Cortex XDR agent
    - Complete malware prevention: high-fidelity local malware prevention trained by WildFire
    - Uncover and stop complex attacks: analyzes multiple behaviors together to flag complex attacks
    - Superior exploit protection: stop attacks based on exploit techniques
  • 39. Find stealthy threats with ML & behavioral analytics
    - Continuous ML-based detection: high-signal alerts
    - Simplified hunting: quickly find new threats with complete evidence and powerful searches
    - Custom rules: constantly improve detection with custom behavioral rules
  • 40. Key differentiators: supercharge investigation & response
    - Unified Incident Engine: intelligently group related alerts into one incident
    - Automated Root Cause Analysis: reveal the root cause of attacks in one click
    - Integrated Response: quick actions to contain attacks or run custom forensics
  • 41. Cortex XDR MITRE ATT&CK coverage: attack technique coverage by vendor (Cortex XDR scored higher than all other vendors, with 93% fewer misses)
    - Palo Alto Networks: 88%
    - Cybereason: 78%
    - Microsoft: 77%
    - CrowdStrike: 77%
    - SentinelOne: 74%
    - Endgame: 74%
    - Carbon Black: 74%
    - FireEye: 70%
    - Countertack: 57%
    - RSA: 55%
  • 42. Augment your team with Cortex MDR partners: achieve the full potential of Cortex XDR at any maturity level with trusted partners
  • 43. "The relief of knowing we are seeing actual viable data, information we could react to, and incidents we could follow up on. Now we can be ahead of the situation." Greg Biegen, Director of Information Security at Cherwell Software
  • 44. Summary: Cortex XDR value. Reduce risk of a breach, increase SecOps efficiency, maximize investments: lower TCO by 44%; reduce alerts 50x with alert grouping; cut detection & response times 8x
  • 45. Demisto: Security Orchestration, Automation, and Response
  • 46. What is SOAR? Security Orchestration, Automation, and Response
    - Orchestration: playbooks, runbooks, workflows; a logically organized plan of action; controlling and activating the security product stack from a central location
    - Automation: automated scripts; extensible product integrations; machine execution of playbook tasks
    - Response: case management; analysis and reporting; communication and collaboration
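The two mechanisms the deck leans on, grouping related alerts into one incident (slide 40) and executing a playbook that enriches, triages and responds (the SOAR definition above), are easier to reason about in code. The following is an added, stand-alone example and not Demisto or Cortex XDR code, nor either product's API. The alert records, the threat-intelligence table, the 30-minute correlation rule (shared host or shared file hash) and the playbook steps are all constructed assumptions for the illustration; a real deployment would replace the intel dictionary and the action tuples with product integrations.

```python
"""SOAR-style alert grouping and playbook execution (added illustration).

Not Demisto or Cortex XDR code: the alerts, the threat-intel table, the
correlation rule and the playbook steps are constructed for this example.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed alerts, shaped like a mixed EDR/firewall feed landing in a SOAR inbox.
ALERTS = [
    {"id": "a1", "ts": "2019-06-03T09:00:00", "source": "edr", "host": "ws-017", "sha256": "ab12", "name": "suspicious powershell child process"},
    {"id": "a2", "ts": "2019-06-03T09:04:00", "source": "ngfw", "host": "ws-017", "sha256": None, "name": "dns query to newly registered domain"},
    {"id": "a3", "ts": "2019-06-03T09:05:00", "source": "edr", "host": "ws-042", "sha256": "ab12", "name": "suspicious powershell child process"},
    {"id": "a4", "ts": "2019-06-03T09:05:30", "source": "edr", "host": "ws-042", "sha256": "ab12", "name": "suspicious powershell child process"},  # repeat of a3
    {"id": "a5", "ts": "2019-06-03T14:00:00", "source": "ngfw", "host": "srv-db1", "sha256": None, "name": "inbound port scan"},
]

# Constructed stand-in for a threat-intelligence lookup (the "enrich" step).
INTEL = {"ab12": {"verdict": "malicious", "family": "constructed-sample"}}

WINDOW = timedelta(minutes=30)  # hypothetical correlation window


def _when(alert):
    return datetime.fromisoformat(alert["ts"])


def group_alerts(alerts, window=WINDOW):
    """Union alerts sharing a host or a file hash within `window` into incidents.

    Identical alerts inside an incident collapse into one entry with a `count`;
    that collapse is what turns a noisy feed into a short analyst queue.
    """
    parent = {a["id"]: a["id"] for a in alerts}  # union-find over alert ids

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path compression
            x = parent[x]
        return x

    for i, a in enumerate(alerts):
        for b in alerts[i + 1:]:
            if abs(_when(a) - _when(b)) > window:
                continue
            same_host = a["host"] == b["host"]
            same_hash = a["sha256"] is not None and a["sha256"] == b["sha256"]
            if same_host or same_hash:
                parent[find(a["id"])] = find(b["id"])

    members = defaultdict(list)
    for a in alerts:
        members[find(a["id"])].append(a)

    incidents = []
    for n, group in enumerate(sorted(members.values(), key=lambda g: g[0]["ts"]), 1):
        dedup = {}
        for a in group:
            key = (a["source"], a["host"], a["sha256"], a["name"])
            dedup.setdefault(key, {**a, "count": 0})["count"] += 1
        incidents.append({
            "id": f"INC-{n}",
            "raw_count": len(group),
            "alerts": list(dedup.values()),
            "hosts": {a["host"] for a in group},
            "hashes": {a["sha256"] for a in group if a["sha256"]},
            "sources": {a["source"] for a in group},
        })
    return incidents


def run_playbook(incident, intel=INTEL):
    """Hypothetical playbook: enrich hashes, triage, emit response actions.

    Actions come back as (action, target) tuples instead of being executed, so
    the decision logic is testable before it is wired to real integrations.
    """
    verdicts = {h: intel.get(h, {}).get("verdict", "unknown") for h in incident["hashes"]}
    malicious = sorted(h for h, v in verdicts.items() if v == "malicious")
    actions = []
    if malicious:
        severity = "high"
        actions += [("isolate_host", h) for h in sorted(incident["hosts"])]
        actions += [("block_hash", h) for h in malicious]
    elif len(incident["sources"]) > 1:
        severity = "medium"  # independent sensors agree: a human should look
        actions.append(("assign_analyst", incident["id"]))
    else:
        severity = "low"
    actions.append(("open_ticket", incident["id"]))  # every incident gets a case record
    return {"incident": incident["id"], "severity": severity, "verdicts": verdicts, "actions": actions}


def triage(alerts):
    """Full pipeline: raw alerts -> incidents -> playbook results."""
    return [run_playbook(inc) for inc in group_alerts(alerts)]


if __name__ == "__main__":
    incidents = group_alerts(ALERTS)
    print(f"{len(ALERTS)} alerts -> {len(incidents)} incidents")
    for result in triage(ALERTS):
        print(result["incident"], result["severity"], result["actions"])
```

On the constructed feed, five alerts collapse into two incidents: the first joins two hosts through a shared hash and a shared host, and its malicious verdict drives isolation and a hash block; the lone port-scan alert only opens a ticket. The point of returning actions rather than executing them is that the grouping and triage rules can be unit-tested and reviewed like any other code before they are allowed to isolate a production host.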
  • 47. Respond, automate, and manage with Demisto
    - Alert sources
    - Respond and automate: playbook-based orchestration with 300+ vendor integrations
    - Manage incidents: ingest, search and query ALL security incidents
    - Collaborate and learn: collaborate with other security analysts
  • 48. Why Demisto? Demisto is a workflow automation engine (as well as a security ticketing system and a collaboration platform): respond to incidents with speed and scale; 100s of product integrations; 1000s of security actions; visual playbook editor
  • 49. Why Demisto? Demisto is a security ticketing system: standardize process across products, teams and use cases; ingest, search, and query ALL security alerts; SLA/metric tracking; dashboards and reporting
  • 50. Why Demisto? Demisto is a collaboration platform: improve investigation quality by working together; Virtual War Room; real-time security actions; auto-documentation
  • 51. Before Demisto: lack of defined process; disparate alert sources; repetitive and manual actions; lack of product interconnectivity
  • 52. After Demisto: standardized and enforceable processes; all alerts flowing into one console; automated high-quantity actions; cross-product coordination
  • 53. Breadth of Demisto use-cases
    - Use cases: Security Operations, Incident Management, Phishing Response, Cloud Security, Vulnerability Management, OT
    - Alert sources: SIEM and Analytics, EDR, Cloud Security Alerts, Vulnerability Scanners, Email, Ticketing
    - Enrich and respond: Threat Intelligence, EDR, Malware Analysis, Email/Web Gateways, Ticketing
  • 54. Breadth of Demisto integrations: Analytics and SIEM, Threat Intelligence, Malware Analysis, Endpoint, Network Security, Authentication, Email Gateway, Ticketing, Messaging, Cloud ...and more!
  • 55. "Demisto's process modularity and automation has helped us stay agile as we onboard new technologies. Demisto is really the constant 'sheet music' that keeps our security orchestra going." Sean Hastings, Senior Information Security Analyst
  • 56. Demisto value: standardize and scale processes; coordinate actions across security products; lower response times with automation. Real stats from Demisto customers: reduced weekly alerts from 10,000 to 500; reduced response times from 3 days to 25 minutes; automated 30% of incidents, for 1 FTE of time saved
  • 57. "Launched in 2015, Demisto rapidly became one of the most visible security orchestration, automation and response (SOAR) vendors, outshining vendors launched years earlier. An early focus on user interface (and not just the APIs), its inclusion of machine learning, usable Slack integration, and sizable stable of out-of-the-box integration with tools and online services makes it a popular SOAR tool." Anton Chuvakin, Ex-Research VP, Gartner. Demisto successfully maps with all of Gartner's recommended capabilities for SOAR vendors. Source: "Cool Vendor" in Security Operations and Vulnerability Management, 2018
  • 58. Palo Alto Networks: Better Together
  • 59. SECURE THE ENTERPRISE
  • 60. The world's leading cybersecurity company: 60,000+ customers in 150+ countries; 85 of Fortune 100 rely on Palo Alto Networks; 63% of the Global 2K are Palo Alto Networks customers; #1 in enterprise security; 28% year over year revenue growth*; 9.1/10 average CSAT score. Revenue trend: 40% CAGR FY14 to FY18 [chart: revenue by fiscal year, FY14 through FY18]. *Q4FY2018; fiscal year ends July 31. Gartner, Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 1Q18, 14 June 2018
  • 61. Next steps: get a hassle-free Cortex XDR demo; take Demisto for a spin
  • 62. Thank You. paloaltonetworks.com; Email: name@paloaltonetworks.com; Twitter: @PaloAltoNtwks
  • 63. Cortex XDR 2.0 product tiers
    - Cortex XDR Prevent: complete endpoint protection
    - Cortex XDR Pro: comprehensive prevention, detection, investigation, and response
    - 30 days of Cortex Data Lake retention included
  • 64. What is Demisto?
    - Standardize process: visual playbook editor; respond to incidents the same way every time; task-based workflows; SLA & metric tracking
    - Reduce risk: auto documentation; reduce business and security risk; dashboards & reports; improved ROI
    - Accelerate response: thousands of security actions; respond to incidents with speed and scale; hundreds of integrations; cross correlations
    - Collaborate & learn: Investigation Canvas; improve investigation quality by working together; Virtual War Room; machine learning