AlienVault – MSSP Program Overview
AUGUST 13, 2014
A DIFFERENT APPROACH TO SECURITY FOR MSSP’S
partners@alienvault.com
AGENDA
• Market Overview
• “The 5 areas customers consider when selecting an MSSP”
• Where most MSSPs struggle to offer real value
• Overview of the AlienVault USM Platform
• Differentiation through Delivery “Threat Detection That Works”
• AlienVault MSSP Program Details
Market Realities
WHAT WE KNOW ABOUT ORGANIZATIONS
• Lack the in-house capabilities required to keep pace with changing
business demands, compliance mandates, and emerging threats for
strategic implementation of new IT security solutions.
• Don’t have the capabilities to effectively monitor and manage the security
infrastructure to ensure optimal utilization of current assets.
• Have in-house IT staffs that spend too much time on day-to-day
operational security issues versus new strategic projects.
• Depend on IT security tools and processes that provide a reactive, rather
than proactive, approach to mitigating risk and minimizing data loss and
downtime.
… Which has led to organizations moving to
Two Types of MSSPs
• Those who look for a platform that is already integrated – or “Unified (Integrated) Security
• Those who try to buy/build and integrate it all on their own…
Observations of MSSPs in the Market
CHALLENGES ON DELIVERING VALUE
Operationalizing the Offering
- Many MSSPs don’t have the experience needed to avoid the costly mistakes and end up spending far more time managing the system than on the value they bring to their customers. Attempting to tie disparate systems together is a failed strategy.
Basic (i.e. “Weak”) Correlation
- Correlation of events and incident-specific reports are required to offer true security visibility; however, most MSSPs don’t deploy solutions that allow customers to get anything more than very basic reporting/correlation.
Deployment of SIEM technology to provide in-house alerting and log analysis:
- MSSPs typically lack the needed insight into the customer IT and business
environment; thus, they are challenged in determining whether events involving
Let’s “double-click” on these challenges
High Fidelity vs. False Positives
- “Custom” correlation is the only way to achieve any true value/threat visibility from a SIEM platform. The task of baselining an environment and creating these alerts/alarms is daunting enough in a single environment – how can an MSSP deliver this across many environments?
Poor Change Management
- Strong correlation is based on “known” baselines and an intimate understanding of a customer’s environment. MSSPs, by virtue of what they do, are an afterthought to change management by the organizations who work with them. Every change to that environment impacts the fidelity of correlation. Poor correlation = poor threat detection.
Poor Log Storage
- Logs are only valuable to your customers if they can access them. Storing logs for an insufficient period of time or in a location that the customer cannot access makes the services less valuable.
CORRELATION
Delivering Confidence, Simplicity & Value
WHAT YOU CAN OFFER YOUR CUSTOMERS
Managed security operations and response
- Provide first line incident detection and triage
- Escalate to customer as needed for remediation response
Reporting of vulnerabilities and threats
- Identify known malicious entities probing their systems
- Detect latest attack payloads
- Identify compromised systems
- Leverage time-tested security controls with minimal deployment overhead
- Identify potentially insecure behaviors
- Identify unpatched software, known to be vulnerable
… A single security technology stack makes this possible – AT SCALE
POWER OF THE OPEN THREAT EXCHANGE (OTX) TO DETECT THREATS
Crowd-sourced threat data from 8,000+ sites across 140 countries
500,000+ IPs validated daily
Free Threat Services
• Reputation Alert Monitor
• Threat Finder
• Interactive Threat Map
Award-Winning Solution Used by 10,000+ for Threat Detection, Incident Response and Compliance Management
Unified Security Management Platform
What Is Valuable? – Asset Discovery
• Active & Passive Network Scanning
• Asset Inventory
• Host-based Software Inventory
Identify Ways to Compromise – Vulnerability Assessment
• Network Vulnerability Testing
• Remediation Verification
Start Looking for Threats – Threat Detection
• Network & Host IDS
• Wireless IDS
• File Integrity Monitoring
Look For Strange Activity – Behavioral Monitoring
• Log Collection
• NetFlow Analysis
• Service Availability Monitoring
Piece It All Together – Security Intelligence
• SIEM Event Correlation
• Incident Response
Understand the Threats – AV Labs Threat Intelligence
Contextual Threat Intelligence
Threat Intelligence Powered by Open Collaboration
OTX + AlienVault Labs
MSSP “GETTING STARTED” PACKAGES
Packages include…
Public Training + Deployment Assistance
• AlienVault product training for one (1) engineer at a public AlienVault training center
• Three (3) days of remote support by a Certified AlienVault Deployment Architect
Private Training + Deployment Assistance
• AlienVault product training for up to 8 people at your facility
• Three (3) days of remote support by a Certified AlienVault Deployment Architect
Become a certified AlienVault MSSP partner
MSSP Partner of AlienVault
SMALL SAMPLING OF PARTNERS
Today we have 100+ MSSPs around the world… some supporting fewer than 5 customers… some supporting 100’s of customers
• Breach/infection rates have no correlation to company size, so smaller MSSPs have the same challenges that larger MSSPs do. The problem they solve is just as significant.
• Larger companies do have larger budgets, so when serving the small business and mid-market, efficiency at scale is important.
We offer entry points for any size MSSP, from the largest to the newly formed.
Thank You
PARTNERS@ALIENVAULT.COM
Questions or Assistance?

Contenu connexe

Tendances

From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehReZa AdineH
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Priyanka Aash
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)Vijilan IT Security solutions
 
Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM AlienVault
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onJustin Henderson
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCPriyanka Aash
 
Building a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdfBuilding a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdfTapOffice
 
Security operations center 5 security controls
 Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessSirius
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKMITRE ATT&CK
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC Anton Chuvakin
 

Tendances (20)

From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 
Crowdstrike .pptx
Crowdstrike .pptxCrowdstrike .pptx
Crowdstrike .pptx
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
 
Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is on
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
 
Building a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdfBuilding a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdf
 
Security operations center 5 security controls
 Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to Success
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC
 
Security Information and Event Managemen
Security Information and Event ManagemenSecurity Information and Event Managemen
Security Information and Event Managemen
 

En vedette

To MSSP or not to MSSP IISF 2015
To MSSP or not to MSSP IISF 2015To MSSP or not to MSSP IISF 2015
To MSSP or not to MSSP IISF 2015Paul Hogan
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPHuntsman Security
 
Outsourcing Security Management
Outsourcing Security ManagementOutsourcing Security Management
Outsourcing Security ManagementNick Krym
 
Extend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPsExtend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPsIBM Security
 
C&W Product Portfolio
C&W Product PortfolioC&W Product Portfolio
C&W Product PortfolioCWBusiness
 
Otx introduction sw
Otx introduction swOtx introduction sw
Otx introduction swAlienVault
 
Three Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramThree Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramMorphick
 
Gamification of your Global Information Security Operations Center - RSA 2015
Gamification of your Global Information Security Operations Center - RSA 2015Gamification of your Global Information Security Operations Center - RSA 2015
Gamification of your Global Information Security Operations Center - RSA 2015Morphick
 
Rapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance GuideRapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance GuideRapid7
 
Le gouvernement électronique au Togo : Etat des lieux et prospectives
Le gouvernement électronique au Togo : Etat des lieux et prospectivesLe gouvernement électronique au Togo : Etat des lieux et prospectives
Le gouvernement électronique au Togo : Etat des lieux et prospectivesEASY EGOV
 
Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...
Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...
Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...David Castro
 
Dizzion Channel Partner Training blow sales objections out of the water
Dizzion Channel Partner Training blow sales objections out of the waterDizzion Channel Partner Training blow sales objections out of the water
Dizzion Channel Partner Training blow sales objections out of the waterDizzion, Inc.
 
MSP Sales Best Practice | How to Close Sales Leads
MSP Sales Best Practice | How to Close Sales LeadsMSP Sales Best Practice | How to Close Sales Leads
MSP Sales Best Practice | How to Close Sales LeadsDavid Castro
 
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...David Castro
 
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture -  Making the Move: Enabling Security in the Cloud#ALSummit: Accenture -  Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the CloudAlert Logic
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriAtif Ghauri
 

En vedette (20)

To MSSP or not to MSSP IISF 2015
To MSSP or not to MSSP IISF 2015To MSSP or not to MSSP IISF 2015
To MSSP or not to MSSP IISF 2015
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSP
 
Outsourcing Security Management
Outsourcing Security ManagementOutsourcing Security Management
Outsourcing Security Management
 
Extend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPsExtend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPs
 
Latest presentation
Latest presentationLatest presentation
Latest presentation
 
C&W Product Portfolio
C&W Product PortfolioC&W Product Portfolio
C&W Product Portfolio
 
Citrix Day 2012: ShareFile
Citrix Day 2012: ShareFileCitrix Day 2012: ShareFile
Citrix Day 2012: ShareFile
 
Otx introduction sw
Otx introduction swOtx introduction sw
Otx introduction sw
 
Three Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramThree Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response Program
 
Gamification of your Global Information Security Operations Center - RSA 2015
Gamification of your Global Information Security Operations Center - RSA 2015Gamification of your Global Information Security Operations Center - RSA 2015
Gamification of your Global Information Security Operations Center - RSA 2015
 
Forrester Emerging MSSP Wave
Forrester Emerging MSSP WaveForrester Emerging MSSP Wave
Forrester Emerging MSSP Wave
 
Rapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance GuideRapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance Guide
 
Le gouvernement électronique au Togo : Etat des lieux et prospectives
Le gouvernement électronique au Togo : Etat des lieux et prospectivesLe gouvernement électronique au Togo : Etat des lieux et prospectives
Le gouvernement électronique au Togo : Etat des lieux et prospectives
 
Webinar: Data warehouse na nuvem da AWS
Webinar: Data warehouse na nuvem da AWSWebinar: Data warehouse na nuvem da AWS
Webinar: Data warehouse na nuvem da AWS
 
Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...
Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...
Why You Should Be Selling Business Continuity Services (5 MSP Tips to Get Sta...
 
Dizzion Channel Partner Training blow sales objections out of the water
Dizzion Channel Partner Training blow sales objections out of the waterDizzion Channel Partner Training blow sales objections out of the water
Dizzion Channel Partner Training blow sales objections out of the water
 
MSP Sales Best Practice | How to Close Sales Leads
MSP Sales Best Practice | How to Close Sales LeadsMSP Sales Best Practice | How to Close Sales Leads
MSP Sales Best Practice | How to Close Sales Leads
 
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...
 
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture -  Making the Move: Enabling Security in the Cloud#ALSummit: Accenture -  Making the Move: Enabling Security in the Cloud
#ALSummit: Accenture - Making the Move: Enabling Security in the Cloud
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif Ghauri
 

Similaire à AlienVault MSSP Overview - A Different Approach to Security for MSSP's

Improve Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMImprove Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMAlienVault
 
How to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultHow to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultAlienVault
 
FireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudFireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudAmazon Web Services
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentInfocyte
 
Cyber-Security-Unit-4.pptx
Cyber-Security-Unit-4.pptxCyber-Security-Unit-4.pptx
Cyber-Security-Unit-4.pptxTikdiPatel
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Ricardo Resnik
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakMarc St-Pierre
 
Automating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS CloudAutomating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS CloudAmazon Web Services
 
Virtual Gov Day - Security Breakout - Deloitte
Virtual Gov Day - Security Breakout - DeloitteVirtual Gov Day - Security Breakout - Deloitte
Virtual Gov Day - Security Breakout - DeloitteSplunk
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Bossrbrockway
 
Webinar - Feel Secure with revolutionary OTM Solution
Webinar - Feel Secure with revolutionary OTM SolutionWebinar - Feel Secure with revolutionary OTM Solution
Webinar - Feel Secure with revolutionary OTM SolutionJK Tech
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersIBM Security
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverNew USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverAlienVault
 
Web app penetration testing best methods tools used
Web app penetration testing best methods tools usedWeb app penetration testing best methods tools used
Web app penetration testing best methods tools usedZoe Gilbert
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleGregory Hanis
 
AKS IT Corporate Presentation
AKS IT Corporate PresentationAKS IT Corporate Presentation
AKS IT Corporate Presentationaksit_services
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Netpluz Asia Pte Ltd
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 

Similaire à AlienVault MSSP Overview - A Different Approach to Security for MSSP's (20)

Improve Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMImprove Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USM
 
How to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultHow to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVault
 
FireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudFireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the Cloud
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
 
Cyber-Security-Unit-4.pptx
Cyber-Security-Unit-4.pptxCyber-Security-Unit-4.pptx
Cyber-Security-Unit-4.pptx
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience Fastrak
 
Automating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS CloudAutomating Event Driven Security in the AWS Cloud
Automating Event Driven Security in the AWS Cloud
 
Virtual Gov Day - Security Breakout - Deloitte
Virtual Gov Day - Security Breakout - DeloitteVirtual Gov Day - Security Breakout - Deloitte
Virtual Gov Day - Security Breakout - Deloitte
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Boss
 
Webinar - Feel Secure with revolutionary OTM Solution
Webinar - Feel Secure with revolutionary OTM SolutionWebinar - Feel Secure with revolutionary OTM Solution
Webinar - Feel Secure with revolutionary OTM Solution
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverNew USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
 
Why ips slide share
Why ips slide shareWhy ips slide share
Why ips slide share
 
Web app penetration testing best methods tools used
Web app penetration testing best methods tools usedWeb app penetration testing best methods tools used
Web app penetration testing best methods tools used
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
 
AKS IT Corporate Presentation
AKS IT Corporate PresentationAKS IT Corporate Presentation
AKS IT Corporate Presentation
 
Aksit profile final
Aksit profile finalAksit profile final
Aksit profile final
 
Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 

AlienVault MSSP Overview - A Different Approach to Security for MSSP's

  • 1. AlienVault – MSSP Program Overview AUGUST 13, 2014 A DIFFERENT APPROACH TO SECURITY FOR MSSP’S partners@alienvault.com
  • 2. AGENDA • Market Overview • “The 5 areas customers consider when selecting an MSSP” • Where most MSSPs struggle to offer real value • Overview of the AlienVault USM Platform • Differentiation through Delivery “Threat Detection That Works” • AlienVault MSSP Program Details
  • 3. Market Realities WHAT WE KNOW ABOUT ORGANIZATIONS • Lack the in-house capabilities required to keep pace with changing business demands, compliance mandates, and emerging threats for strategic implementation of new IT security solutions. • Don’t have the capabilities to effectively monitor and manage the security infrastructure to ensure optimal utilization of current assets. • Have in-house IT staffs that spend too much time on day-to-day operational security issues versus new strategic projects. • Depend on IT security tools and processes that provide a reactive, rather than proactive, approach to mitigating risk and minimizing data loss and downtime. … Which has led to organizations moving to
  • 4. Those who look for a platform that is already integrated – or “Unified (Integrated) Security Two Types of MSSPs Those who try to buy/build and integrate it all on their own…
  • 5. Observations of MSSPs in the Market CHALLENGES ON DELIVERING VALUE Operationalizing the Offering - Many MSSPs don’t have the experience needed to avoid the costly mistakes and end up managing the system far more than they spend on the value they bring to their customers. Attempting to tie disparate systems together is a failed strategy. Basic (i.e. “Weak”) Correlation - Correlation of events and Incident-specific reports are required to offer true security visibility; however most MSSPs don’t deploy solutions that allow customers to get anything more than very basic reporting/correlation Deployment of SIEM technology to provide in-house alerting and log analysis: - MSSPs typically lack the needed insight into the customer IT and business environment; thus, they are challenged in determining whether events involving
  • 6. Let’s “double-click” on these challenges High Fidelity vs. False Positives - “Custom” correlation is the only way to achieve any true value/threat visibility from a SIEM platform. The task of base-lining an environment and creating these alerts/alarms is daunting enough in a single environment – How can an MSSP deliver this across many environments? Poor Change Management - Strong correlation is based on “known” baselines and an intimate understanding of a customer’s environment. MSSPs, by virtue of what they do, are an afterthought to change management by the organizations who work with MSSPs. Every change to that environment impacts the fidelity of correlation. Poor correlation = poor threat detection. Poor Log Storage - Logs are only valuable to your customers if they can access them. Storing logs for an insufficient period of time or in a location that the customer cannot access makes the services less valuable. CORRELATION
  • 7. Delivering Confidence, Simplicity & Value WHAT YOU CAN OFFER YOUR CUSTOMERS Managed security operations and response - Provide first line incident detection and triage - Escalate to customer as needed for remediation response Reporting of vulnerabilities and threats - Identify known malicious entities probing their systems - Detect latest attack payloads - Identify compromised systems - Leverage time-tested security controls with minimal deployment overhead - Identify potentially insecure behaviors - Identify unpatched software, known to be vulnerable … A single security technology stack makes this possible – AT SCALE
  • 8. POWER OF THE OPEN THREAT EXCHANGE (OTX) TO DETECT THREATS Crowd-sourced threat data from 8,000+ sites across 140 countries 500,000+ IPs validated daily Free Threat Services • Reputation Alert Monitor • Threat Finder • Interactive Threat Map
  • 9. Award-Winning Solution Used by 10,000+ for Threat Detection, Incident Response and Compliance Management
  • 10. What Is Valuable? Identify Ways to Compromise Start Looking for Threats Look For Strange Activity Piece It All Together Understand the Threats Unified Security Management Platform
  • 11. Asset Discovery • Active & Passive Network Scanning • Asset Inventory • Host-based Software Inventory Asset Discovery Identify Ways to Compromise Start Looking for Threats Look For Strange Activity Piece It All Together Understand the Threats Unified Security Management Platform
  • 12. Asset Discovery Vulnerability Assessment Start Looking for Threats Look For Strange Activity Piece It All Together Understand the Threats Unified Security Management Platform Asset Discovery • Active & Passive Network Scanning • Asset Inventory • Host-based Software Inventory Vulnerability Assessment • Network Vulnerability Testing • Remediation Verification
  • 13. Asset Discovery Vulnerability Assessment Threat Detection Look For Strange Activity Piece It All Together Understand the Threats Unified Security Management Platform Asset Discovery • Active & Passive Network Scanning • Asset Inventory • Host-based Software Inventory Vulnerability Assessment • Network Vulnerability Testing • Remediation Verification Threat Detection • Network & Host IDS • Wireless IDS • File Integrity Monitoring
  • 14. Asset Discovery Vulnerability Assessment Threat Detection Behavioral Monitoring Piece It All Together Understand the Threats Unified Security Management Platform Asset Discovery • Active & Passive Network Scanning • Asset Inventory • Host-based Software Inventory Vulnerability Assessment • Network Vulnerability Testing • Remediation Verification Threat Detection • Network & Host IDS • Wireless IDS • File Integrity Monitoring Behavioral Monitoring • Log Collection • NetFlow Analysis • Service Availability Monitoring
  • 15. Asset Discovery Vulnerability Assessment Threat Detection Behavioral Monitoring Security Intelligence Understand the Threats Unified Security Management Platform Asset Discovery • Active & Passive Network Scanning • Asset Inventory • Host-based Software Inventory Vulnerability Assessment • Network Vulnerability Testing • Remediation Verification Threat Detection • Network & Host IDS • Wireless IDS • File Integrity Monitoring Behavioral Monitoring • Log Collection • NetFlow Analysis • Service Availability Monitoring Security Intelligence • SIEM Event Correlation • Incident Response
  • 16. Asset Discovery • Active & Passive Network Scanning • Asset Inventory • Host-based Software Inventory Vulnerability Assessment • Network Vulnerability Testing • Remediation Verification Threat Detection • Network & Host IDS • Wireless IDS • File Integrity Monitoring Behavioral Monitoring • Log Collection • NetFlow Analysis • Service Availability Monitoring Security Intelligence • SIEM Event Correlation • Incident Response Asset Discovery Vulnerability Assessment Threat Detection Behavioral Monitoring Security Intelligence AV Labs Threat Intelligence Contextual Threat Intelligence
  • 17. Threat Intelligence Powered by Open Collaboration OTX + AlienVault Labs
  • 18. MSSP “GETTING STARTED” PACKAGES Public Training + Deployment Assistance Private Training + Deployment Assistance Packages include… • AlienVault product training for one (1) engineer at a public AlienVault training center • Three (3) days of remote support by a Certified AlienVault Deployment Architect • AlienVault product training for up to 8 people at your facility • Three (3) days of remote support by a Certified AlienVault Deployment Architect Become a certified AlienVault MSSP partner
  • 19. MSSP Partner of AlienVault SMALL SAMPLING OF PARTNERS Today we have 100+ MSSPs around the world… some supporting less than 5 customers…some supporting 100’s of customers • Breaches/Infection rates have no correlation to company size so smaller MSSPs have the same challenges that larger MSSPs do. The problem they solve is just as significant. • Larger companies do have larger budgets so when serving the small business and mid-market; efficiency at scale is important. We offer entry points for any size MSSP. The largest to the newly formed.

Editor's notes

  1. It is difficult to strike the right balance between correlation rules that catch all possible attacks and correlation rules that produce too many false-positive alerts. Tuning often requires a professional services engagement and on-going expenses. This will continue to plague the MSSPs who choose traditional SIEM or Logging solutions, as the complexity of managing all of the moves, adds, and edits to the data sources (servers, devices, & applications) that feed them is not something they can solve for. Organizations rely on the data collection, normalization and retention for the purpose of correlation. Without strong (i.e. custom) correlation, detecting and responding to threats is impossible. Custom correlation must be verified every time there is a change on the network if an organization wants to ensure the fidelity of their correlation logic. For example, it’s not uncommon to see a data source change (OS/firmware update), which will dramatically impact the fidelity of the correlation rules/alarms/logic. This happens when updates are performed to network devices, servers (physical & virtual), anti-virus, applications, etc. Organizations are very dynamic. Correlation must also be dynamic UNLESS you solve for this another way. The “Rules-based” approach – When a correlated security event is presented to the security analyst, it’s reasonable to expect the analyst to limit his or her investigation to the data sources reported by the alert. A “Rules-based” approach supports only a go-forward view of security data; if you get a correlation rule wrong, you can’t adjust the model and re-analyze the data, because events that didn’t match the old rule have already been discarded. Not the desired outcome… AlienVault’s USM solution solves for this through “unifying” your entire security technology stack. We’ll dive into that later in this presentation…
  2. AlienVault offers the only unified security management solution to unify the five essential security capabilities you need for complete security visibility. This translates into rapid time to value – faster and easier audits, targeted remediation, and more seamless incident response. The main advantages of USM are simplicity, streamlined installation and use, and the ability to update all the security functions concurrently. These concurrent updates allow AlienVault to do something no other solution on the market can do. AlienVault’s threat intelligence team can write, maintain and verify all the needed correlation delivering the highest levels of security visibility.
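
The two failure modes described in note 1 (a data source change silently breaking a correlation rule, and a go-forward-only engine being unable to re-analyze after the rule is corrected) can be shown side by side. This is an added example, not AlienVault code and not a description of how USM works; the event names, the rename after a firmware update, the threshold, and the two store classes are assumptions constructed for illustration.

```python
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable, Iterable


@dataclass(frozen=True)
class Event:
    ts: int          # seconds since the start of the sample window
    source: str      # reporting data source
    src_ip: str      # address the login attempt came from
    event_type: str  # event name as emitted by the source


# Constructed sample data. Assumption: a firmware update on fw01 at ts=300
# renames "auth_failure" to "login_failed" (and "auth_success" to "login_ok").
SAMPLE_EVENTS = [
    Event(10, "fw01", "198.51.100.4", "auth_failure"),
    Event(20, "fw01", "198.51.100.4", "auth_success"),
    Event(310, "fw01", "203.0.113.7", "login_failed"),
    Event(330, "fw01", "203.0.113.7", "login_failed"),
    Event(350, "fw01", "203.0.113.7", "login_failed"),
    Event(360, "fw01", "203.0.113.7", "login_ok"),
]

Predicate = Callable[[Event], bool]


def rule_v1(ev: Event) -> bool:
    """Original rule: written against the pre-update event name only."""
    return ev.event_type == "auth_failure"


def rule_v2(ev: Event) -> bool:
    """Corrected rule: accepts both the old and the renamed event."""
    return ev.event_type in {"auth_failure", "login_failed"}


def correlate(events: Iterable[Event], is_failure: Predicate,
              threshold: int = 3, window: int = 120) -> list[tuple[str, int]]:
    """Alarm when one src_ip produces `threshold` failures within `window` s."""
    recent: dict[str, list[int]] = {}
    alarms: list[tuple[str, int]] = []
    for ev in sorted(events, key=lambda e: e.ts):
        if not is_failure(ev):
            continue
        times = [t for t in recent.get(ev.src_ip, []) if ev.ts - t <= window]
        times.append(ev.ts)
        recent[ev.src_ip] = times
        if len(times) >= threshold:
            alarms.append((ev.src_ip, ev.ts))
            recent[ev.src_ip] = []  # reset so one burst raises one alarm
    return alarms


class ForwardOnlyStore:
    """Keeps only events that matched the rule in force at ingest time."""

    def __init__(self, rule: Predicate) -> None:
        self.rule = rule
        self.kept: list[Event] = []

    def ingest(self, ev: Event) -> None:
        if self.rule(ev):
            self.kept.append(ev)  # everything else is discarded for good


class RetainingStore:
    """Keeps every event, so a corrected rule can be replayed later."""

    def __init__(self) -> None:
        self.kept: list[Event] = []

    def ingest(self, ev: Event) -> None:
        self.kept.append(ev)


def run_demo() -> dict[str, list[tuple[str, int]]]:
    forward, retained = ForwardOnlyStore(rule_v1), RetainingStore()
    for ev in SAMPLE_EVENTS:
        forward.ingest(ev)
        retained.ingest(ev)
    return {
        # Live detection with the stale rule: the burst after the update is missed.
        "live_v1": correlate(SAMPLE_EVENTS, rule_v1),
        # Rule fixed afterwards, but the forward-only store no longer has the events.
        "replay_forward_only": correlate(forward.kept, rule_v2),
        # Same fixed rule replayed over retained events recovers the alarm.
        "replay_retained": correlate(retained.kept, rule_v2),
    }


if __name__ == "__main__":
    for name, alarms in run_demo().items():
        print(f"{name}: {alarms}")
```
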