1 | © 2016 LogRhythm
LogRhythm Overview
Omar Barakat
Regional Channel Manager
Middle East, Turkey & Africa
Company Confidential
The Modern Cyber Threat Pandemic
• 321 breaches in 2006
• 953 breaches in 2010
• 3,930 breaches in 2015
• 736 million records were exposed in 2015, compared to 96 million records in 2010
• 1,000,000,000 records exposed in one breach in 2016 (Yahoo!)
• The security industry is facing serious talent and technology shortages
Source: World's Biggest Data Breaches (selected data breaches), Information is Beautiful
No End In Sight
• Motivated threat actors
• Cyber-crime
• Supply chain
• Expanding attack surface
The Cyber Attack Lifecycle
Recon. & Planning → Initial Compromise → Command & Control → Lateral Movement → Target Attainment → Exfiltration, Corruption, Disruption
Modern threats take their time and leverage the holistic attack surface.
Protection Through Faster Detection & Response
MEAN TIME TO DETECT (MTTD): the average time it takes to recognize a threat requiring further analysis and response efforts.
MEAN TIME TO RESPOND (MTTR): the average time it takes to respond to and ultimately resolve the incident.
The chart plots MTTD and MTTR on a scale from months, through weeks, days and hours, down to minutes: at the slow end the organization is highly vulnerable (exposed to threats), at the fast end it has low vulnerability (resilient to threats). As organizations improve their ability to quickly detect and respond to threats, the risk of experiencing a damaging breach is greatly reduced.
Strategic Shift to Detection and Response is Occurring
The chart splits IT security budgets between Prevention and Detection & Response for 2013, 2015 and 2020, with the Detection & Response share growing each time.
"By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from 20% in 2015." – Gartner, 2016
Sources: Gartner, Shift Cybersecurity Investment to Detection and Response, January 2016; Gartner, Forecast: Information Security, Worldwide, 2014-2020, 1Q16 Update, April 2016
Note: Excludes security services from estimated overall market spend for enterprise information security
Obstacles To Faster Detection & Response
• Data quality
• Alarm fatigue
• Swivel-chair analysis
• Forensic data silos
• Fragmented workflow
• Lack of automation
Effective Threat Lifecycle Management addresses these obstacles and enables faster detection and response to threats.
This Approach Is Not Effective
Separate point products for: Log Management, SIEM, Endpoint Monitoring & Forensics, Security Automation & Orchestration, Network Behavioral Analytics, Security Analytics.
Our Approach
Forensic Data Collection feeding one end-to-end workflow: Discover → Qualify → Investigate → Neutralize → Recover
Threat Lifecycle Management (TLM)
• A series of aligned security operations capabilities
• Begins with the ability to "see" broadly and deeply across the IT environment
• Ends with the ability to quickly mitigate and recover from security incidents
The goal is to reduce mean time to detect (MTTD) and mean time to respond (MTTR) while keeping staffing levels flat.
End-to-End Threat Lifecycle Management Workflow
Time to detect covers Forensic Data Collection → Discover → Qualify; time to respond covers Investigate → Neutralize → Recover.
• Forensic Data Collection: security event data; log & machine data; forensic sensor data
• Discover: search analytics; machine analytics
• Qualify: assess threat; determine risk; is a full investigation necessary?
• Investigate: analyze threat; determine nature and extent of incident
• Neutralize: implement countermeasures; mitigate threat & associated risk
• Recover: clean up; report; review; adapt
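The workflow above draws the MTTD/MTTR boundary at Qualify: time to detect runs from the first evidence landing in forensic data collection until the threat is qualified, and time to respond from there until Recover is complete. The following is an added example, not code from the deck or from LogRhythm, that records those stage timestamps per incident and derives the two means exactly as the slides define them. The Incident model, the choice to exclude still-open incidents from the mean instead of counting them as zero, and the three sample incidents are assumptions made for this example.

```python
"""Added example: model TLM workflow stages per incident and compute MTTD / MTTR.
The stage boundaries follow the deck; the Incident model and sample data are
constructed for this example and are not LogRhythm's."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from statistics import mean
from typing import Dict, List, Optional

# TLM stages in workflow order. Time to detect ends at "qualified" (the Qualify
# decision that a full investigation is needed); time to respond ends at "recovered".
STAGES = ("collected", "discovered", "qualified", "investigated", "neutralized", "recovered")
DETECT_START, DETECT_END, RESPOND_END = "collected", "qualified", "recovered"


def _utc(s: str) -> datetime:
    """Parse an ISO-8601 timestamp; a naive value is assumed to already be UTC."""
    dt = datetime.fromisoformat(s)
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)


@dataclass
class Incident:
    name: str
    stages: Dict[str, datetime] = field(default_factory=dict)

    def mark(self, stage: str, when: str) -> "Incident":
        """Record when a stage was reached, refusing timestamps that break workflow order."""
        if stage not in STAGES:
            raise ValueError(f"unknown stage {stage!r}")
        ts, idx = _utc(when), STAGES.index(stage)
        for other, other_ts in self.stages.items():
            j = STAGES.index(other)
            if (j < idx and other_ts > ts) or (j > idx and other_ts < ts):
                raise ValueError(f"{stage} at {when} is out of workflow order with {other}")
        self.stages[stage] = ts
        return self

    def time_to_detect(self) -> Optional[timedelta]:
        if DETECT_START in self.stages and DETECT_END in self.stages:
            return self.stages[DETECT_END] - self.stages[DETECT_START]
        return None  # not yet qualified: still counting

    def time_to_respond(self) -> Optional[timedelta]:
        if DETECT_END in self.stages and RESPOND_END in self.stages:
            return self.stages[RESPOND_END] - self.stages[DETECT_END]
        return None  # not yet recovered


def mean_hours(values: List[Optional[timedelta]]) -> Optional[float]:
    """Mean in hours over incidents that completed the stage; open incidents are
    excluded rather than counted as zero, which would flatter the metric."""
    done = [v.total_seconds() / 3600 for v in values if v is not None]
    return round(mean(done), 2) if done else None


def mttd_hours(incidents: List[Incident]) -> Optional[float]:
    return mean_hours([i.time_to_detect() for i in incidents])


def mttr_hours(incidents: List[Incident]) -> Optional[float]:
    return mean_hours([i.time_to_respond() for i in incidents])


# Constructed sample incidents (not real data): one fully worked, one with only
# the boundary stages recorded, one still undetected.
SAMPLE = [
    Incident("phish-01").mark("collected", "2016-03-01T08:00:00")
                        .mark("discovered", "2016-03-01T08:05:00")
                        .mark("qualified", "2016-03-01T10:00:00")
                        .mark("investigated", "2016-03-01T14:00:00")
                        .mark("neutralized", "2016-03-01T16:00:00")
                        .mark("recovered", "2016-03-02T10:00:00"),
    Incident("lateral-02").mark("collected", "2016-03-05T00:00:00")
                          .mark("qualified", "2016-03-07T00:00:00")
                          .mark("recovered", "2016-03-08T12:00:00"),
    Incident("open-03").mark("collected", "2016-03-09T00:00:00"),
]

if __name__ == "__main__":
    print("MTTD (h):", mttd_hours(SAMPLE))
    print("MTTR (h):", mttr_hours(SAMPLE))
```

Reporting the mean alone hides a long tail; in practice the same stage timestamps also give the distribution (median, 90th percentile) and the number of still-open incidents, which is what the open-03 case is there to show.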
Top Five LogRhythm Differentiators
Mapped onto the workflow (Forensic Data Collection → Discover → Qualify → Investigate → Neutralize → Recover):
1. Machine Data Intelligence (MDI)
2. Precision Search
3. Holistic Threat Detection
4. Risk-Based Monitoring
5. Embedded Security Automation and Orchestration
Machine Data Intelligence Fabric
Data generation: LogRhythm Network Monitor, LogRhythm System Monitor
Data collection feeds the Machine Data Intelligence (MDI) Fabric, which provides:
• Uniform data classification
• Uniform data structure
• Time normalization
• Risk score
• Organizational context
• User persona
• Host persona
• Geolocation
• Flow direction
• …more
The fabric in turn feeds search analytics and machine analytics.
Benefits
• Serves as IT environment abstraction layer
• Enables generic scenario representation
• Allows for high-efficacy packaged analytics modules
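To make the fabric's bullet list concrete, here is an added example, not LogRhythm's MDI code, of a small normalizer that takes three raw log formats and emits one uniform structure carrying the items above: a classification, a UTC timestamp, flow direction derived from the organization's internal address ranges, and user persona, host persona and geolocation pulled from context tables. The address ranges, persona and geo tables, per-source time zones, the CSV column layout and the three sample lines are all constructed for the example and do not come from the deck. The point it demonstrates is that once time zones are normalized, events that were written in three different local clocks fall into their true order.

```python
"""Added example: MDI-style normalisation of three raw log formats into one
uniform record. All context tables and sample lines are constructed here."""
import csv
import re
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

# --- organisational context (constructed, stands in for the fabric's lookups) ---
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]
HOST_IP = {"web01": "10.0.1.20", "DC01": "10.0.0.5"}           # a host's own address
HOST_PERSONA = {"web01": "dmz-web-server", "DC01": "domain-controller",
                "FW-EDGE": "perimeter-firewall"}
USER_PERSONA = {"alice": "developer", "bob": "domain-admin"}
GEO = {"203.0.113.0/24": "TEST-NET-3", "198.51.100.0/24": "TEST-NET-2"}
# Syslog lines carry neither year nor zone and Windows lines carry local time,
# so each such source gets a configured zone; the firewall emits an explicit offset.
SOURCE_TZ = {"syslog": timezone(timedelta(hours=2)), "windows": timezone(timedelta(hours=-5))}
SYSLOG_YEAR = 2016

# --- the fabric's building blocks ---
def to_utc(dt: datetime, source: str) -> str:
    """Time normalisation: attach the source zone if missing, emit ISO-8601 UTC."""
    if dt.tzinfo is None:
        dt = dt.replace(tzinfo=SOURCE_TZ[source])
    return dt.astimezone(timezone.utc).isoformat()

def is_internal(ip: Optional[str]) -> bool:
    return ip is not None and any(ip_address(ip) in net for net in INTERNAL_NETS)

def flow_direction(src: Optional[str], dst: Optional[str]) -> str:
    if src is None or dst is None:
        return "unknown"
    return {(True, True): "internal", (True, False): "outbound",
            (False, True): "inbound", (False, False): "external"}[(is_internal(src), is_internal(dst))]

def geolocate(ip: Optional[str]) -> Optional[str]:
    if ip is None or is_internal(ip):
        return None
    return next((label for net, label in GEO.items() if ip_address(ip) in ip_network(net)), "unknown")

def record(ts_utc, source, classification, host, user, src_ip, dst_ip) -> Dict:
    """Uniform data structure shared by every source, enriched with context."""
    return {"ts_utc": ts_utc, "source": source, "classification": classification,
            "host": host, "user": user, "src_ip": src_ip, "dst_ip": dst_ip,
            "direction": flow_direction(src_ip, dst_ip),
            "host_persona": HOST_PERSONA.get(host), "user_persona": USER_PERSONA.get(user),
            "src_geo": geolocate(src_ip)}

# --- per-format parsers, each mapping into the same classification vocabulary ---
SYSLOG_RE = re.compile(r"^(?P<mon>\w{3})\s+(?P<day>\d+) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: (?P<msg>.*)$")
SSH_RE = re.compile(r"^(?P<result>Accepted|Failed) \w+ for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")

def parse_syslog(line: str) -> Optional[Dict]:
    m = SYSLOG_RE.match(line)
    s = SSH_RE.match(m["msg"]) if m else None
    if not s:
        return None
    local = datetime.strptime(f"{SYSLOG_YEAR} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
    cls = "authentication/success" if s["result"] == "Accepted" else "authentication/failure"
    return record(to_utc(local, "syslog"), "syslog", cls, m["host"], s["user"], s["ip"], HOST_IP.get(m["host"]))

WIN_CLASS = {"4624": "authentication/success", "4625": "authentication/failure"}

def parse_windows(line: str) -> Optional[Dict]:
    kv = dict(re.findall(r"(\w+)=(\S+)", line))
    if kv.get("EventID") not in WIN_CLASS:
        return None
    local = datetime.fromisoformat(kv["TimeCreated"])
    return record(to_utc(local, "windows"), "windows", WIN_CLASS[kv["EventID"]], kv["Computer"],
                  kv.get("TargetUserName"), kv.get("IpAddress"), HOST_IP.get(kv["Computer"]))

def parse_firewall(line: str) -> Optional[Dict]:
    # constructed CSV layout: ts,device,action,proto,src,sport,dst,dport
    ts, device, action, _proto, src, _sport, dst, _dport = next(csv.reader([line]))
    return record(to_utc(datetime.fromisoformat(ts), "firewall"), "firewall", f"network/{action}", device, None, src, dst)

PARSERS = {"syslog": parse_syslog, "windows": parse_windows, "firewall": parse_firewall}

def normalize_all(raw: List[Tuple[str, str]]) -> List[Dict]:
    """Parse every (source, line) pair and return the records in true UTC order."""
    out = [PARSERS[src](line) for src, line in raw]
    return sorted((r for r in out if r), key=lambda r: r["ts_utc"])

# Constructed sample lines (not real logs), deliberately given in the wrong order.
RAW = [
    ("windows", "TimeCreated=2016-03-01T01:04:55 Computer=DC01 EventID=4624 TargetUserName=bob IpAddress=10.0.5.12 LogonType=10"),
    ("firewall", "2016-03-01T08:03:40+02:00,FW-EDGE,allow,tcp,10.0.5.12,51877,198.51.100.9,443"),
    ("syslog", "Mar  1 08:02:11 web01 sshd[2211]: Accepted password for alice from 203.0.113.7 port 51122 ssh2"),
]

if __name__ == "__main__":
    for r in normalize_all(RAW):
        print(r["ts_utc"], r["host"], r["classification"], r["direction"], r["user_persona"], r["src_geo"])
```

Every source-specific quirk (missing year, local clocks, column positions, Windows event IDs) is absorbed in its parser, and everything downstream sees only the uniform record; that is the abstraction-layer benefit the slide claims.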
Precision Search Powered by Elasticsearch
Structured search, unstructured search and machine-assisted search.
Benefits
• Quick results
• Less "noise"
• Investigation automation
• Fast and accurate decisions
Holistic Threat Detection Powered by AI Engine
Correlates log data with contextual data to detect user threats, network threats and endpoint threats.
Benefits
• Real-time advanced threat detection
• Detection across full attack lifecycle
• Easily customizable
• Lower false negatives AND false positives
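"Detection across the full attack lifecycle" means more than one rule per stage: it means tying stage hits to the same entity so that an initial compromise, a beacon and a lateral-movement burst on one host produce a single high-confidence alarm instead of three weak ones. The code below is an added example written for this page, not LogRhythm's AI Engine, that runs three behavioural rules (password guessing that succeeds, fixed-interval outbound beaconing, one account hopping across several internal hosts) over already-normalized events and alarms only when one entity progresses through several lifecycle stages in order. The event fields, thresholds, entity model and sample events are all assumptions; the lifecycle stage names follow the deck.

```python
"""Added example: lifecycle-stage correlation over normalised events.
Rules, thresholds, fields and sample data are constructed, not LogRhythm's."""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# The lifecycle stages this example covers, in the order the deck lists them.
LIFECYCLE = ["initial_compromise", "command_and_control", "lateral_movement"]


def ev(ts: str, kind: str, host: str, **fields) -> Dict:
    """Uniform event; timestamps are naive but already normalised to UTC upstream."""
    return {"ts": datetime.fromisoformat(ts), "kind": kind, "host": host, **fields}


def hit(stage: str, entity: str, ts: datetime, detail: str) -> Dict:
    return {"stage": stage, "entity": entity, "ts": ts, "detail": detail}


def detect_initial_compromise(events, min_failures=5, window=timedelta(minutes=10)):
    """Password guessing that worked: N+ failures from one source, then a success from it."""
    fails, hits = defaultdict(list), []
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["kind"] == "auth_failure":
            fails[(e["host"], e["src_ip"])].append(e["ts"])
        elif e["kind"] == "auth_success" and e.get("direction") == "inbound":
            recent = [t for t in fails[(e["host"], e["src_ip"])] if e["ts"] - t <= window]
            if len(recent) >= min_failures:
                hits.append(hit("initial_compromise", e["host"], e["ts"],
                                f"{len(recent)} failures then success for {e['user']} from {e['src_ip']}"))
    return hits


def detect_beaconing(events, min_conns=4, max_jitter=timedelta(seconds=5)):
    """Outbound connections from one host to one destination at a near-constant interval."""
    pairs, hits = defaultdict(list), []
    for e in events:
        if e["kind"] == "net_conn" and e.get("direction") == "outbound":
            pairs[(e["host"], e["dst_ip"])].append(e["ts"])
    for (host, dst), ts in pairs.items():
        if len(ts) < min_conns:
            continue
        ts.sort()
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        if max(gaps) - min(gaps) <= max_jitter:       # periodic, not bursty human traffic
            hits.append(hit("command_and_control", host, ts[-1], f"{len(ts)} beacons to {dst}, period {gaps[0]}"))
    return hits


def detect_lateral_movement(events, min_hosts=3, window=timedelta(minutes=30)):
    """One account logging on to many distinct internal hosts from one source host in a short window."""
    logons, hits = defaultdict(list), []
    for e in events:
        if e["kind"] == "auth_success" and e.get("direction") == "internal":
            logons[(e["user"], e["src_host"])].append(e)
    for (user, src_host), evs in logons.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):
            in_window = [x for x in evs[i:] if x["ts"] - first["ts"] <= window]
            hosts = {x["host"] for x in in_window}
            if len(hosts) >= min_hosts:
                hits.append(hit("lateral_movement", src_host, in_window[-1]["ts"],
                                f"{user} logged on to {sorted(hosts)} from {src_host}"))
                break
    return hits


def correlate(events, min_stages=2, window=timedelta(hours=24)) -> List[Dict]:
    """Alarm when one entity reaches >= min_stages stages, in lifecycle order, inside the window."""
    by_entity = defaultdict(dict)
    for h in detect_initial_compromise(events) + detect_beaconing(events) + detect_lateral_movement(events):
        seen = by_entity[h["entity"]].get(h["stage"])
        if seen is None or h["ts"] < seen["ts"]:          # keep the earliest hit per stage
            by_entity[h["entity"]][h["stage"]] = h
    alarms = []
    for entity, stages in by_entity.items():
        chain = [stages[s] for s in LIFECYCLE if s in stages]
        ordered = all(a["ts"] <= b["ts"] for a, b in zip(chain, chain[1:]))
        if len(chain) >= min_stages and ordered and chain[-1]["ts"] - chain[0]["ts"] <= window:
            alarms.append({"entity": entity, "stages": [h["stage"] for h in chain],
                           "evidence": [h["detail"] for h in chain]})
    return alarms


# Constructed sample: a guessed SSH password on web01, a 5-minute beacon from it,
# then bob hopping to three servers from web01; plus benign noise from ws07.
SAMPLE = (
    [ev(f"2016-03-01T08:00:{s:02d}", "auth_failure", "web01", src_ip="203.0.113.7", user="alice", direction="inbound")
     for s in range(0, 50, 10)]
    + [ev("2016-03-01T08:01:00", "auth_success", "web01", src_ip="203.0.113.7", user="alice", direction="inbound")]
    + [ev(t, "net_conn", "web01", dst_ip="198.51.100.9", direction="outbound")
       for t in ("2016-03-01T08:10:00", "2016-03-01T08:15:00", "2016-03-01T08:20:01", "2016-03-01T08:25:02")]
    + [ev(t, "auth_success", h, user="bob", src_host="web01", src_ip="10.0.1.20", direction="internal")
       for t, h in (("2016-03-01T08:30:00", "fs01"), ("2016-03-01T08:35:00", "db01"), ("2016-03-01T08:40:00", "DC01"))]
    + [ev("2016-03-01T09:00:00", "auth_success", "fs01", user="carol", src_host="ws07", src_ip="10.0.9.3", direction="internal")]
    + [ev(t, "net_conn", "ws07", dst_ip="198.51.100.50", direction="outbound")
       for t in ("2016-03-01T09:01:00", "2016-03-01T09:02:30", "2016-03-01T09:20:00", "2016-03-01T09:21:00")]
)

if __name__ == "__main__":
    for a in correlate(SAMPLE):
        print(a["entity"], "->", " > ".join(a["stages"]))
        for line in a["evidence"]:
            print("   ", line)
```

The ws07 traffic is there to show the false-positive side of the slide's claim: its irregular outbound connections never satisfy the beaconing rule, and carol's single logon never satisfies the lateral-movement rule, so no chain forms and nothing is raised for it.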
Risk-based Monitoring
Benefits
• Focuses analysts' time where it matters most
• Faster recognition of threats that need attention
• Reduces alarm fatigue
Risk-based prioritization algorithm: events carry a threat score and a confidence score; weightings are applied to produce a risk score, and alarms are presented in risk order (e.g. 97 RISK, 68 RISK, 56 RISK).
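The diagram names the inputs (threat score, confidence score, weightings) but not how they combine, so the following is an added example of one reasonable combination, not LogRhythm's algorithm: risk is the threat score scaled by detection confidence and by weightings for the host and user personas involved, repeats of the same rule on the same host are collapsed into one alarm with a hit count, anything under a threshold is kept as an event but not raised, and the rest is sorted by risk. The formula, the weighting tables, the threshold and the sample events are all assumptions made for this example.

```python
"""Added example: turning scored detection events into risk-prioritised alarms.
Formula, weightings, threshold and sample events are constructed, not LogRhythm's."""
from typing import Dict, List, Optional, Tuple

# Weightings (constructed): how much an event's risk is scaled by what it touched.
HOST_WEIGHT = {"domain-controller": 1.3, "dmz-web-server": 1.1, "workstation": 0.8}
USER_WEIGHT = {"domain-admin": 1.25, "service-account": 1.1, "developer": 1.0}
ALARM_THRESHOLD = 40   # below this the event is stored for search but no alarm is raised


def risk_score(threat: int, confidence: float,
               host_persona: Optional[str], user_persona: Optional[str]) -> int:
    """risk = threat (0-100) x confidence (0-1) x host weight x user weight, clamped to 0-100.
    Unknown personas get a neutral weight of 1.0 rather than being silently dropped."""
    if not 0 <= threat <= 100 or not 0.0 <= confidence <= 1.0:
        raise ValueError("threat must be 0-100 and confidence 0-1")
    weight = HOST_WEIGHT.get(host_persona, 1.0) * USER_WEIGHT.get(user_persona, 1.0)
    return min(100, round(threat * confidence * weight))


def prioritise(events: List[Dict], threshold: int = ALARM_THRESHOLD) -> List[Dict]:
    """Score every event, collapse repeats of one rule on one host into a single alarm,
    drop alarms under the threshold and return the rest highest risk first."""
    alarms: Dict[Tuple[str, str], Dict] = {}
    for e in events:
        score = risk_score(e["threat"], e["confidence"], e.get("host_persona"), e.get("user_persona"))
        key = (e["rule"], e["host"])
        alarm = alarms.setdefault(key, {"rule": e["rule"], "host": e["host"], "risk": 0, "count": 0})
        alarm["count"] += 1
        alarm["risk"] = max(alarm["risk"], score)     # a repeat can raise an alarm, never lower it
    return sorted((a for a in alarms.values() if a["risk"] >= threshold),
                  key=lambda a: (-a["risk"], a["rule"]))


# Constructed sample events (not real detections). Each is what a detection rule
# would hand over: its own threat score and confidence plus MDI persona context.
SAMPLE = [
    {"rule": "lateral_movement", "host": "DC01", "threat": 70, "confidence": 0.85,
     "host_persona": "domain-controller", "user_persona": "domain-admin"},
    {"rule": "brute_force_success", "host": "web01", "threat": 60, "confidence": 0.85,
     "host_persona": "dmz-web-server", "user_persona": "developer"},
    {"rule": "beaconing", "host": "ws07", "threat": 70, "confidence": 0.6,
     "host_persona": "workstation", "user_persona": "developer"},
    {"rule": "beaconing", "host": "ws07", "threat": 70, "confidence": 0.75,
     "host_persona": "workstation", "user_persona": "developer"},
    {"rule": "brute_force_success", "host": "web01", "threat": 60, "confidence": 0.85,
     "host_persona": "dmz-web-server", "user_persona": "developer"},
    {"rule": "malware_signature", "host": "ws12", "threat": 90, "confidence": 0.95,
     "host_persona": "workstation", "user_persona": None},
]

if __name__ == "__main__":
    for a in prioritise(SAMPLE):
        print(f"! {a['risk']:3d} RISK  {a['rule']:<22} {a['host']:<6} x{a['count']}")
```

Two things in the sample are worth noticing: the same beaconing rule on ws07 fires twice, first under the threshold and then over it, and the analyst sees one alarm with a count of two rather than a suppressed event followed by an unrelated one; and a medium-threat rule on the domain controller outranks a high-threat malware hit on a workstation purely through the weightings, which is the "focus where it matters most" behaviour the slide describes.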
Embedded Security Automation and Orchestration
Case Management and SmartResponse Automation
Benefits
• Centralizes security investigations
• Faster investigations with a single toolset
• Efficient, confidential collaboration
• Automates workflows and responses
• Reduces mean time to respond (MTTR)
Why LogRhythm As Your Strategic TLM Partner
• Broad regulatory compliance focus
• Innovation
• Customer success
• Platform scalability & flexibility
Market Leadership
• Certifications & validations
• Industry analysts
• Company awards (Company of the Year)
• Industry awards

 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 

Threat Life Cycle Management

  • 1. LogRhythm Overview. Omar Barakat, Regional Channel Manager, Middle East, Turkey & Africa. (1 | © 2016 LogRhythm)
  • 2. The Modern Cyber Threat Pandemic (Company Confidential)
      Selected data breaches: 321 breaches in 2006; 953 breaches in 2010; 3,930 breaches in 2015.
      736 million records were exposed in 2015, compared to 96 million records in 2010.
      1,000,000,000 records were exposed in one breach in 2016 (Yahoo!).
      The security industry is facing serious talent and technology shortages.
      Source: World's Biggest Data Breaches, Information is Beautiful.
  • 3. No End In Sight
      Motivated threat actors; cyber-crime; supply chain; expanding attack surface.
  • 4. The Cyber Attack Lifecycle
      Recon. & Planning → Initial Compromise → Command & Control → Lateral Movement → Target Attainment → Exfiltration, Corruption, Disruption.
      Modern threats take their time and leverage the holistic attack surface.
  • 5. Protection Through Faster Detection & Response
      Chart: MTTD & MTTR on a scale from months, weeks, days and hours down to minutes; high vulnerability (exposed to threats) at one end, low vulnerability (resilient to threats) at the other.
      Mean Time To Detect (MTTD): the average time it takes to recognize a threat requiring further analysis and response efforts.
      Mean Time To Respond (MTTR): the average time it takes to respond and ultimately resolve the incident.
      As organizations improve their ability to quickly detect and respond to threats, the risk of experiencing a damaging breach is greatly reduced.
  • 6. Strategic Shift to Detection and Response is Occurring
      Charts: IT security budgets in 2013, 2015 and 2020, each split between Prevention and Detection & Response.
      "By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from 20% in 2015." – Gartner, 2016
      Sources: Gartner, Shift Cybersecurity Investment to Detection and Response, January 2016; Gartner, Forecast: Information Security, Worldwide, 2014-2020, 1Q16 Update, April 2016. Note: excludes security services from estimated overall market spend for enterprise information security.
  • 7. Obstacles To Faster Detection & Response
      Data quality; alarm fatigue; swivel chair analysis; forensic data silos; fragmented workflow; lack of automation.
      Effective Threat Lifecycle Management: ✓ addresses these obstacles; ✓ enables faster detection and response to threats.
  • 8. This Approach Is Not Effective
      Log Management; SIEM; Endpoint Monitoring & Forensics; Security Automation & Orchestration; Network Behavioral Analytics; Security Analytics.
  • 9. Our Approach
      Forensic Data Collection → Discover → Qualify → Investigate → Neutralize → Recover.
  • 10. Threat Lifecycle Management (TLM)
      Series of aligned security operations capabilities.
      Begins with ability to "see" broadly and deeply across IT environment.
      Ends with ability to quickly mitigate and recover from security incidents.
      Goal is to reduce mean time to detect (MTTD) and mean time to respond (MTTR), while keeping staffing levels flat.
  • 11. End-to-End Threat Lifecycle Management Workflow
      Time to detect: Forensic Data Collection (security event data; log & machine data; forensic sensor data) → Discover (search analytics; machine analytics) → Qualify (assess threat; determine risk; is full investigation necessary?).
      Time to respond: Investigate (analyze threat; determine nature and extent of incident) → Neutralize (implement counter-measures; mitigate threat & associated risk) → Recover (clean up; report; review; adapt).
  • 12. Top Five LogRhythm Differentiators
  • 13. Top 5 Differentiators, mapped onto the workflow (Forensic Data Collection → Discover → Qualify → Investigate → Neutralize → Recover)
      1. Machine Data Intelligence (MDI); 2. Precision Search; 3. Holistic Threat Detection; 4. Risk-Based Monitoring; 5. Embedded Security Automation and Orchestration.
  • 14. Machine Data Intelligence Fabric
      Data Generation → Data Collection (LogRhythm Network Monitor; LogRhythm System Monitor) → Machine Data Intelligence (MDI) Fabric → Search Analytics and Machine Analytics.
      MDI Fabric: uniform data classification; uniform data structure; time normalization; risk score; organizational context; user persona; host persona; geolocation; flow direction; …more.
      Benefits: ✓ serves as IT environment abstraction layer; ✓ enables generic scenario representation; ✓ allows for high-efficacy packaged analytics modules.
  • 15. Precision Search (powered by Elasticsearch)
      Structured search; unstructured search; machine-assisted search.
      Benefits: ✓ quick results; ✓ less "noise"; ✓ investigation automation; ✓ fast and accurate decisions.
  • 16. Holistic Threat Detection (powered by AI Engine)
      Inputs: user threats; network threats; endpoint threats; log data; contextual data.
      Benefits: ✓ real-time advanced threat detection; ✓ detection across full attack lifecycle; ✓ easily customizable; ✓ lower false negatives AND false positives.
  • 17. Risk-based Monitoring
      Risk-based prioritization algorithm: events → confidence score, threat score and weightings → risk score. Risk prioritized alarms (e.g. RISK 56, RISK 68, RISK 97).
      Benefits: ✓ focuses analysts' time where it matters most; ✓ faster recognition of threats that need attention; ✓ reduces alarm fatigue.
  • 18. Embedded Security Automation and Orchestration
      Case Management; SmartResponse Automation.
      Benefits: ✓ centralizes security investigations; ✓ faster investigations with single toolset; ✓ efficient, confidential collaboration; ✓ automates workflows and responses; ✓ reduces mean time to respond (MTTR).
  • 19. Why LogRhythm As Your Strategic TLM Partner
      Broad regulatory compliance focus; innovation; customer success; platform scalability & flexibility.
  • 20. Market Leadership
      Certifications & validations; industry analysts; company awards; Company of the Year; industry awards.
  • 21. 21 | © 2016 LogRhythm
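Slides 5 and 10 define MTTD and MTTR in words and make them the deck's headline metrics, but do not say where the clock starts and stops. The script below is an added example (not from the deck and not LogRhythm code) that computes both from a set of constructed incident records. The measurement points are assumptions: "occurred" is the earliest evidence of the threat in collected data, "detected" is when an analyst qualified it, "resolved" is when the incident was closed; the band edges in exposure_band are likewise assumed. It keeps open incidents in MTTD (they have been detected) but excludes them from MTTR instead of counting them as zero.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import mean
from typing import Iterable, List, Optional


# Measurement points are an assumption (the slide defines MTTD/MTTR only in
# words): "occurred" is the earliest evidence of the threat in the collected
# data, "detected" is when an analyst qualified it for response, and
# "resolved" is when the incident was closed. None means still open.
@dataclass(frozen=True)
class Incident:
    name: str
    occurred: datetime
    detected: datetime
    resolved: Optional[datetime] = None


# Constructed sample incidents, not real case data.
SAMPLE_INCIDENTS: List[Incident] = [
    Incident("phish-credential-theft",
             datetime(2016, 3, 1, 8, 0), datetime(2016, 3, 3, 8, 0), datetime(2016, 3, 4, 8, 0)),
    Incident("malware-beacon",
             datetime(2016, 3, 10, 22, 15), datetime(2016, 3, 11, 2, 15), datetime(2016, 3, 11, 6, 15)),
    Incident("lateral-movement",
             datetime(2016, 4, 2, 3, 0), datetime(2016, 4, 2, 5, 0)),  # still open
]


def _hours(delta: timedelta) -> float:
    return delta.total_seconds() / 3600.0


def mean_time_to_detect(incidents: Iterable[Incident]) -> float:
    """MTTD in hours: average of (detected - occurred) over all incidents.
    Open incidents are included because detection has already happened for them."""
    incidents = list(incidents)
    if not incidents:
        raise ValueError("no incidents to measure")
    for inc in incidents:
        if inc.detected < inc.occurred:
            raise ValueError(f"{inc.name}: detected before it occurred (clock skew or bad data)")
    return mean(_hours(inc.detected - inc.occurred) for inc in incidents)


def mean_time_to_respond(incidents: Iterable[Incident]) -> float:
    """MTTR in hours: average of (resolved - detected) over closed incidents only.
    Open incidents are excluded rather than counted as zero, which would flatter the metric."""
    closed = [inc for inc in incidents if inc.resolved is not None]
    if not closed:
        raise ValueError("no closed incidents to measure")
    for inc in closed:
        if inc.resolved < inc.detected:
            raise ValueError(f"{inc.name}: resolved before it was detected")
    return mean(_hours(inc.resolved - inc.detected) for inc in closed)


def exposure_band(hours: float) -> str:
    """Place a mean time on the slide's scale (minutes .. months). Band edges are an assumption."""
    if hours < 1:
        return "minutes"
    if hours < 24:
        return "hours"
    if hours < 24 * 7:
        return "days"
    if hours < 24 * 30:
        return "weeks"
    return "months"


if __name__ == "__main__":
    mttd = mean_time_to_detect(SAMPLE_INCIDENTS)
    mttr = mean_time_to_respond(SAMPLE_INCIDENTS)
    print(f"MTTD = {mttd:.1f} h ({exposure_band(mttd)}), MTTR = {mttr:.1f} h ({exposure_band(mttr)})")
```

On the sample data MTTD is 18.0 h and MTTR is 14.0 h, both in the "hours" band; the point of the validation checks is that a single mis-ordered timestamp silently drags either average toward the "resilient" end of the slide's scale.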
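Slide 17 sketches a risk-based prioritization algorithm as events feeding a confidence score, a threat score and weightings that combine into a risk score, with alarms then queued by that score. The code below is an added example of that shape, written for this page; it is not LogRhythm's algorithm, and the formula, the asset and persona weightings, the 0-100 ranges and the suppression threshold are all assumptions chosen to make the mechanism visible.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


# Context weightings are an assumption: the slide names "weightings" and
# "organizational context" but not their values. Higher means the same
# behaviour matters more on that asset or for that user persona.
ASSET_WEIGHT: Dict[str, float] = {
    "domain-controller": 1.5, "database": 1.3, "workstation": 1.0, "test-lab": 0.5,
}
PERSONA_WEIGHT: Dict[str, float] = {
    "admin": 1.4, "executive": 1.2, "staff": 1.0, "service": 0.9,
}


@dataclass(frozen=True)
class Event:
    alarm: str
    confidence: int     # 0-100: how sure the detection rule is that this is real
    threat: int         # 0-100: how damaging the behaviour is if it is real
    host_class: str     # key into ASSET_WEIGHT (host persona)
    user_persona: str   # key into PERSONA_WEIGHT (user persona)


def risk_score(ev: Event) -> int:
    """Fold confidence, threat and context weightings into one 0-100 risk score.
    Formula is an assumption, not LogRhythm's algorithm: scale the threat score by
    the rule's confidence, multiply by the context weights, then clamp to 100."""
    for value in (ev.confidence, ev.threat):
        if not 0 <= value <= 100:
            raise ValueError(f"{ev.alarm}: scores must be 0-100, got {value}")
    base = ev.confidence / 100.0 * ev.threat
    weight = ASSET_WEIGHT.get(ev.host_class, 1.0) * PERSONA_WEIGHT.get(ev.user_persona, 1.0)
    return min(100, round(base * weight))


def prioritise(events: List[Event], threshold: int = 40) -> List[Tuple[int, str]]:
    """Return (risk, alarm) pairs, highest risk first, dropping anything under the
    threshold so analysts see only the queue the slide calls 'risk prioritized alarms'."""
    ranked = sorted(((risk_score(ev), ev.alarm) for ev in events),
                    key=lambda pair: pair[0], reverse=True)
    return [(risk, alarm) for risk, alarm in ranked if risk >= threshold]


# Constructed sample events, not output of any real product.
SAMPLE_EVENTS: List[Event] = [
    Event("Brute force followed by successful logon", 90, 80, "domain-controller", "admin"),
    Event("Periodic beacon to rare external host", 70, 80, "workstation", "staff"),
    Event("Port scan from lab subnet", 95, 40, "test-lab", "service"),
    Event("New local administrator account created", 60, 85, "database", "admin"),
]


if __name__ == "__main__":
    for risk, alarm in prioritise(SAMPLE_EVENTS):
        print(f"! {risk:3d} RISK  {alarm}")
```

With the sample events the queue comes out as 100, 93 and 56, and the lab port scan (a high-confidence but low-threat event on a low-value asset) scores 17 and never reaches an analyst; that suppression is the concrete form of the "reduces alarm fatigue" benefit on the slide, and the threshold is the knob that trades missed low-risk events for analyst time.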