Unisys Advanced Machine Learning Cyber Security Analytics presentation
2. © 2017 Unisys Corporation. All rights reserved.
Unisys Builds Large Advanced Data Analytics Mission Critical Knowledge Environments
We process more than 1.3 Billion transactions a day and 700,000 queries a day predicting threats against the US.
Unisys has been supporting DHS for more than 15 years.
On a Typical Day, Department of Homeland Security-Customs and Border Protection (DHS-CBP)
• Processes 932,456 passengers and pedestrians
• Processes 64,483 truck, rail, and sea containers
• Seizes 13,717 pounds of drugs
3. Unisys Advanced Cyber Intelligence Platform
• Behavioral Anomaly Detection Models
– Models for the prediction of malicious network activity across the enterprise
– Works with your current Security information and event management (SIEM)
• Threat Intelligence Engine
– Models providing increased visibility into known threats
– Improved context and intelligence through the correlation of multiple threat feeds
– Unique partnership with Team Cymru, Recorded Future, Farsight and Unisys Intelligence Feeds
• Advanced Dynamic Microsegmentation Model
– Utilizes network data to provide near real time microsegmentation
– Integrates with most Software Designed Security (SDS) Solutions including Unisys Stealth
Our Cyber Intelligence Platform can easily be integrated with your current Security Operations Center (SOC) operations for increased security capabilities leveraging machine learning and predictive models
4. Cyber Intelligence Platform
5. [Diagram]
Threat behavior use cases: Reconnaissance, Lateral movement, Command and control, Exfiltration
Discrete indicators of compromise: IP address, Host name, URL, UserID, Hash, Registry entry and file
Vulnerabilities, Compliance, Malware analysis, Open source intel, Industry licensed intel, Unisys-specific intel
Advanced Predictive Model API
MSS Cyber Threat Intelligence
• Normalization
• Threat actor tracking
• Attacker use cases
Managed Security Services (MSS) Cyber Threat Intelligence Team
Unisys Cyber Threat Intelligence Platform
Unisys SOC Network
6. Retail Bank Social and Dark Web Threat Intelligence
Business Problem
• Need for additional threat intelligence and context for risks to the enterprise
Business Benefits
• Physical threat to locations and executives
• Intelligence on dark web chatter specifically focused on the brand and banking threats in general
• Exposed network credentials, phishing attempts, CC numbers and advanced intelligence prior to events
• Integration with current SIM and security tools for easy implementation into existing processes
Our Solution
• Our unified social and dark web listening solution eliminates noise and provides a level of intelligence that has not been available before
7. Large Utility Client: Advanced ML and Predictive Threat Detection
Business Problem
• Ingest network data from existing SIEM tool and SOC environment to identify cyber threats before they occur
Business Benefits
• Identifying network anomalies for both external and internal threats in near real time
• Expanding the overall capabilities and time to action for the SOC and Security personnel
• Reduced false positives
• Identification of unknown malicious activities through advanced anomaly detection
Our Solution
• Our unified cyber security-risk platform, implementing machine learning to provide a comprehensive cyber-threat defense capability
8. University Network Application Optimization
Business Problem
• Extreme network peaks and degradation in availability; unidentified issues causing network failure
Business Benefits
• Network behavioral models identify high demand peaks and application utilization
• Machine Learning helps to provide insights to predict potential network issues before they happen
• Optimization of hardware and cloud infrastructure investment to maintain network performance
Our Solution
• Our network anomaly detection models for applications and machine learning provide real time insights and predict patterns of usage through actionable intelligence
9. Thank you!
Learn more at: Unisys.com/CybersecurityAnalytics