microfocuscybersummit
play

#MicroFocusCyberSummit Global Protection and Awareness through Data - PowerPoint PPT Presentation

Jul 07, 2023 •439 likes •1.09k views

#MicroFocusCyberSummit Global Protection and Awareness through Data Analytics, Threat Detection and Pattern Recognition Charles Clawson, ArcSight Marketing Manager Steven Riley, ArcSight Technical Marketing Manager #MicroFocusCyberSummit

  1. #MicroFocusCyberSummit

  2. Global Protection and Awareness through Data Analytics, Threat Detection and Pattern Recognition Charles Clawson, ArcSight Marketing Manager Steven Riley, ArcSight Technical Marketing Manager #MicroFocusCyberSummit

  3. Visual Agenda Intelligent Security Security Operations Analytics Real time alerting & Data Analysis monitoring Log Management Discover Micro Focus Security strategy Intelligent SecOps use case & Maturity roadmap ArcSight Marketplace ArcSight ESM Security Analytics ArcSight Investigate 3rd party Activate Use case Threat Intel ArcSight Data Platform

  4. Company Discover the New

  5. The New Combined Company: Micro Focus Built on stability, acquisition and innovation Network Management/ COBOL Data Protector Years Years

  6. Combined Micro Focus: An Industry Shaper Microsoft Oracle SAP $7.1 Salesforce $5.1 $4.9 $4.4 $4.0 $3.4 $3.3 Adobe Symantec #7 HPE SW / MF HPE SW / MF CA Gemalto Citrix Dassault $3.2 $3.1 $2.5 $2.5 $2.4 $2.3 $2.1 $2.1 $2.0 $2.0 $1.9 $1.9 $1.8 $1.7 $1.7 $1.4 $1.3 $1.2 $1.1 SAS #12 HPE SW HPE SW Infor Veritas Autodesk Synopsys CDK Global Red Hat Asseco BMC Nuance Constellation Open Text Cadence Check Point #26 Microfocus Micro Focus Workday ServiceNow Informatica

  7. 4 Focus Areas Four Focus Areas Security & Data Hybrid IT Predictive DevOps Management Analytics Management

  8. Protecting Data Apps What Security Analytics Matters Most Users

  9. One of the Worlds Most Powerful Security Portfolios

  10. ArcSight Empowers Intelligent Security Operations

  11. What Are the Top CISO Priorities Click icon to add picture Reduce business Decrease impacts of Detect and stop downtime and security events security threats non-compliance

  12. Challenges to the Security Operations Center Limited detection Complex and slow Increasing rate and investigation of data response tools capabilities

  13. Intelligent Security Operations Increase Speed, Simplicity and Effectiveness Across Entire Workflow Visibility Without Comprehensive Intuitive Boundaries Detection Investigation

  14. ArcSight Drives Business Profits Open Comprehensive Intuitive architecture detection investigation Reduce data Reduce time Minimize risk and licensing and human and data loss costs struggle

  15. All Departments Benefit Security & Risk IT operations Compliance & Legal Line of Business management

  16. Proven, Accurate and Fast ArcSight Investigate ArcSight ESM ArcSight ADP

  17. Open, Relevant and Intuitive ArcSight Investigate Investigation | Security Analytics ArcSight ESM Real-time correlation | Alerting | Workflow ArcSight Data Platform Connectors | Event Broker | Management | Logger

  18. Security Operations Use Cases & Maturity Roadmap

  19. Intelligent Security Operations – Use case Roadmap Intelligent Security Operations Security Analytics • Integrated monitoring • People & Process & • Behavior Profiling Technology • Threat detection Real time alerting • Efficiency & Resilience • Know the unknown & monitoring Data Analysis • Detect & identify • Respond in time • Forensics • Build workflow • Rapid Search Log Management • Reporting • Centralize Logs • Retain data • Compliance

  20. Intelligent Security Operations – Capability Roadmap Analytics & SIOC ArcSight Investigate Intelligent Security ArcSight ESM Operations Security Analytics • Integrated monitoring • People & Process & • Behavior Profiling ArcSight Data Platform Technology • Threat detection Real time alerting • Efficiency & Resilience • Know the unknown & monitoring Data Analysis • Detect & identify • Respond in time • Forensics • Build workflow • Rapid Search Log Management • Reporting • Centralize Logs • Retain data • Compliance

  22. ArcSight Data Platform Expand the visibility of your data

  23. Visibility Without Boundaries Open architecture Integrate data lakes to maximize usage with security apps Scalability through Keep up with growing variety and velocity environments Faster detection with Real-time security business optics context

  24. ArcSight Security Technology Partners DDoS Technology Partners Threat Application GRC Intelligence Security SIEM

  25. ArcSight Data Platform in Nutshell Arcsight Management Console Event Broker Logger Connector Collect Enrich Distribute Retain Search Report

  26. Data Retention (Logger)  Cost-effective universal log management  Unifies searching, reporting and analysis  Scale  1M EPS in a 100 peers architecture  100 Concurrent search  Performance  Search speed improvements by 50-200%  10:1 compression ration to store up to 1200 TB  Security  Data at rest encryption on ADP appliances

  27. Management Console – End to End Monitoring Topology view for consolidated overview Display device information on hover Sort devices by region / groups

  28. Instant Connector Deployment ArcMC 2.70, Connectors 7.70 Benefit: Improve security administrator productivity by providing a quick and easy deployment option so that they onboard new data sources or readjust connectors deployment layout quickly with ease. Capability: Connector deployment on remote hosts through • ArcSight UI In-context deployment View UI • Re-usable deployment templates with • configuration values for source and destination Many Connectors to a single host • • Centralized management of long running deployment jobs 45

  29. Enhanced Topology View ArcMC 2.70, Event Broker 2.10 Benefit: Improve analyst productivity by giving them a centralized monitoring tool so that they can optimize their time and do more with ease. Capability: View Event Broker topics in Topology view on • ArcMC Get visibility into consumer connectivity through • ArcMC 47

  30. Logger 6.5 Updates Benefit: Easy to use Logger reporting tools with an enhanced UI help optimize analyst time and generate comprehensive reports and dashboards for compliance and other use cases Capability: Create Reports from Logger Queries • • Archives will include Indexes ADP Logger standalone mode: both for • appliances and software Complete support for SHA-2: receivers and • forwarders, archiving, SSL signatures • Complete support for TLS 1.2: peer communications, on-board connector • Dark Theme for Logger 48

  31. Data De-identification for Privacy (GDPR, health..) Format Preserving Encryption by Voltage embedded john.doe@arcsight.com uwol.clu@qnmpdsaa.kle De-identify sensitive data Logger Source ArcSight Event data ESM Connector 3rd party

  32. ArcSight ESM Comprehensive Detection

  33. ArcSight ESM in Nutshell Detection Investigation Active 3rd party Case Enrichment Rules Engine Context Channel action Management • Asset Model • Real-time rules • Rich news feeds • Enrichment • Integration • Annotations Commands • Network Model • Data Monitors • Drill down • Baselines/ trends • Stages and • Action impact • Vulnerability • Prioritization • Visuals • Lists Connectors • Integration • Search • Partners 54

  34. 250 Ready Made, Tested and Documented Use Cases Activate use case configurator

  35. Value for Everyone Openness • Detailed data • Increase TTV via source Marketplace content configuration • SOC Workflow SOC information Efficiency Engineer • Categorization + • Content Maintainability Manager Product Packages • Reduced Training Cost Content Analyst Author • Community • Actionable Output • Components & • Structured event Solutions handling • Methodology

  36. 4x more with same headcount ESM & Activate adoption increased SOC efficiency 4x

  37. Activate Content Layers

  38. ArcSight ESM with Fresh & Relevant Content Market-leading Real-time Activate example: Wanna Cry Dashboard released in few hours Correlation Threat Lifecycle Tailored use cases Central integration point for the SOC process Integrated SOC platform

  39. Secure the New Voltage Fortify ArcSight Data Security App Security Security Operations NetIQ Identity 70

  40. ArcSight Enterprise Security Manager (ESM) Summary Enriched Data Powerful Correlation Quick Detection Multi-tenancy

  41. Threat Intelligence

  42. Threat Intel context is the king! Who is behind this? Where is it comming from? How bad is it? Do we know them? Is it related to ..?

  43. But what Threat Intel? 75

  44. ArcSight Threat Intelligence Program Reputation Security Monitor Activate Threat Intelligence Currated list of malicious IPs and domains Open TI program for Activate use case

  45. Activate TI Data Fusion Model 3 Track 2 Context 1 Populate 0 Ingest

  46. Threat Intel Activity Dashboard 78

  47. ArcSight Investigate

  48. What Do We Need to Address These Challenges? Intelligent Threat Investigation Solution Act faster Work smarter Reach further

  49. ArcSight Investigate Analytics optimized and robust engine Guided natural language search box Modern and intuitive data manipulations Powerful built-in analytics modules

Recommend

#MicroFocusCyberSummit Preparing for When Your Organization Will be Breached: Prioritizing and

#MicroFocusCyberSummit Preparing for When Your Organization Will be Breached: Prioritizing and

#MicroFocusCyberSummit Preparing for When Your Organization Will be Breached: Prioritizing and Protecting Paulo Veloso Shogo Cottrell #MicroFocusCyberSummit Whats happening in the market? Approximately 40,000 Tesco Bank accounts were

501 views • 36 slides
#MicroFocusCyberSummit ZENworks Keynote Session Gil Cattelain Jason Blackett

#MicroFocusCyberSummit ZENworks Keynote Session Gil Cattelain Jason Blackett

#MicroFocusCyberSummit ZENworks Keynote Session Gil Cattelain Jason Blackett #MicroFocusCyberSummit Business Challenges Our Products How We Solve Challenges Roadmap Solution and Vision Any Questions Secure Unified Endpoint Management

878 views • 69 slides
#MicroFocusCyberSummit Shifting Security Left Bringing security into continuous integration and

#MicroFocusCyberSummit Shifting Security Left Bringing security into continuous integration and

#MicroFocusCyberSummit Shifting Security Left Bringing security into continuous integration and delivery Brenton Scott Witonski <>< , Acxiom Brandon Spruth, Target Lucas von Stockhausen, Fortify #MicroFocusCyberSummit WHY ARE YOU

711 views • 44 slides
#MicroFocusCyberSummit Data Simplicity: ArcSight Data Platform enhances enterprise data via the

#MicroFocusCyberSummit Data Simplicity: ArcSight Data Platform enhances enterprise data via the

#MicroFocusCyberSummit Data Simplicity: ArcSight Data Platform enhances enterprise data via the Common Event Format Peter Titov Micro Focus #MicroFocusCyberSummit Agenda Usage What do we ask of our data? Ingestion How do we get our data

217 views • 20 slides
#MicroFocusCyberSummit Access Management: The Glue between Business Value and Security Kent

#MicroFocusCyberSummit Access Management: The Glue between Business Value and Security Kent

#MicroFocusCyberSummit Access Management: The Glue between Business Value and Security Kent Purdy Chan Yoon Product Marketing Manager Director of Product Management #MicroFocusCyberSummit security leaders regard achieving and 68 %

700 views • 26 slides
#MicroFocusCyberSummit Securing Your Devices and Data with ZENworks Darrin VandenBos Jason

#MicroFocusCyberSummit Securing Your Devices and Data with ZENworks Darrin VandenBos Jason

#MicroFocusCyberSummit Securing Your Devices and Data with ZENworks Darrin VandenBos Jason Blackett #MicroFocusCyberSummit Agenda Security threats in todays world How do you protect your endpoints? Key takeaways 3 Security Threats in

797 views • 23 slides
#MicroFocusCyberSummit Automate Static and Dynamic Scans, CI/CD Integrations and Auditing for

#MicroFocusCyberSummit Automate Static and Dynamic Scans, CI/CD Integrations and Auditing for

#MicroFocusCyberSummit Automate Static and Dynamic Scans, CI/CD Integrations and Auditing for Fast, Reliable Results Rick Smith, Senior Product Manager Jimmy Rabon, Senior Product Manager #MicroFocusCyberSummit Automation Static Analysis

583 views • 22 slides
#MicroFocusCyberSummit Voltage Data Security Product Direction Reiner Kappenberger Director of

#MicroFocusCyberSummit Voltage Data Security Product Direction Reiner Kappenberger Director of

#MicroFocusCyberSummit Voltage Data Security Product Direction Reiner Kappenberger Director of Product Management #MicroFocusCyberSummit The Challenges of Innovation Threats Regulations Data Breaches CCPA Big Data Malicious Insiders

429 views • 15 slides
#MicroFocusCyberSummit Regulatory Change in GDPR and the U.S. Moderated session with product

#MicroFocusCyberSummit Regulatory Change in GDPR and the U.S. Moderated session with product

#MicroFocusCyberSummit Regulatory Change in GDPR and the U.S. Moderated session with product leaders Nathan Turajski - Moderator Joe Garber Luther Martin Rob Roy #MicroFocusCyberSummit Max Averbukh Moderated Session with Product Leaders

340 views • 10 slides
#MicroFocusCyberSummit SecureData Sentry Accelerate your migration to cloud workloads Alistair

#MicroFocusCyberSummit SecureData Sentry Accelerate your migration to cloud workloads Alistair

#MicroFocusCyberSummit SecureData Sentry Accelerate your migration to cloud workloads Alistair Rigg & Phil Sewell #MicroFocusCyberSummit Enterprise Cloud Trends and Risks Cloud Trends Security Risks and Concerns An average of Cloud is

905 views • 34 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

455 views • 10 slides
Yes it is Possible Jamie Manuel Product Marketing Manager #MicroFocusCyberSummit At Micro

Yes it is Possible Jamie Manuel Product Marketing Manager #MicroFocusCyberSummit At Micro

Deliver Strong Governance and Administration and Deliver Business Value ... Yes it is Possible Jamie Manuel Product Marketing Manager #MicroFocusCyberSummit At Micro Focus, we believe IDENTITY Analytics Role Self-Service Management

363 views • 17 slides
#MicroFocusCyberSummit ArcSight is an Open Architecture for SecOps Marius Iversen KPN ZM OPS

#MicroFocusCyberSummit ArcSight is an Open Architecture for SecOps Marius Iversen KPN ZM OPS

#MicroFocusCyberSummit ArcSight is an Open Architecture for SecOps Marius Iversen KPN ZM OPS TRS Security Services Contents Introduction Business Use Cases 01 05 What makes API Important? Open Source Initiatives 02 06 ArcSight Logger

228 views • 22 slides
Strong Privilege Management #MicroFocusCyberSummit What are the crown jewels for IT? Email

Strong Privilege Management #MicroFocusCyberSummit What are the crown jewels for IT? Email

Protecting the Crown Jewels through Strong Privilege Management #MicroFocusCyberSummit What are the crown jewels for IT? Email People Customer Data 3 How will you do it? 4 Role of IT in 2018 To securely build and deliver reliable,

243 views • 20 slides
Dynamic, and Mobile with Fortify on Demand Rick Smith Product Manager #MicroFocusCyberSummit

Dynamic, and Mobile with Fortify on Demand Rick Smith Product Manager #MicroFocusCyberSummit

Using Automatic and Manual Tests for Static, Dynamic, and Mobile with Fortify on Demand Rick Smith Product Manager #MicroFocusCyberSummit Agenda Identifying the cost Identifying the tool A quick case study 2 Thinking about the cost 3

261 views • 25 slides
On-premises, IaaS, PaaS and SaaS Rob Aragao & Stan Wisseman #MicroFocusCyberSummit Primary

On-premises, IaaS, PaaS and SaaS Rob Aragao & Stan Wisseman #MicroFocusCyberSummit Primary

The Hybrid Enterprise: Working Across On-premises, IaaS, PaaS and SaaS Rob Aragao & Stan Wisseman #MicroFocusCyberSummit Primary Goal of Businesses Today Drive Digital Transformation !! 2 For Most Organizations, Digital Transformation =

613 views • 25 slides
Identity Powers Adaptive Security Robert MacDonald #MicroFocusCyberSummit security leaders

Identity Powers Adaptive Security Robert MacDonald #MicroFocusCyberSummit security leaders

Identity Powers Adaptive Security Robert MacDonald #MicroFocusCyberSummit security leaders regard achieving and 68 % REGULATORY maintaining regulatory compliance as COMPLIANCE a critical priority. (Forrester 2017) 59 % technology

503 views • 24 slides
Application Security as a Service: Start Your Application Security Initiative in Less than a Day

Application Security as a Service: Start Your Application Security Initiative in Less than a Day

Application Security as a Service: Start Your Application Security Initiative in Less than a Day David Harper Practice Principal Fortify on Demand #MicroFocusCyberSummit Agenda The Application Security Problem Security Gate Secure DevOps

37.39k views • 30 slides
Developer-centric Application Security Scans Ray Kelly, Practice Principal - Fortify Sherman

Developer-centric Application Security Scans Ray Kelly, Practice Principal - Fortify Sherman

Developer-centric Application Security Scans Ray Kelly, Practice Principal - Fortify Sherman Monroe, Senior Security Consultant Thomas Ryan, Fortify Solutions Architect #MicroFocusCyberSummit Session Agenda Mobile Apps The Bad, The Worse

694 views • 44 slides
ESM 7 Distributed Correlation Paul MacGyver Carman Global Technical Security Sales Engineer

ESM 7 Distributed Correlation Paul MacGyver Carman Global Technical Security Sales Engineer

ESM 7 Distributed Correlation Paul MacGyver Carman Global Technical Security Sales Engineer #MicroFocusCyberSummit Confidential information This is a rolling (up to three year) Roadmap and is subject to change without notice Confidential

267 views • 24 slides
as a Service Panel Facilitator: Stan Wisseman Panelists: Troy Bowen, Verizon Steve Pettit, Verizon

as a Service Panel Facilitator: Stan Wisseman Panelists: Troy Bowen, Verizon Steve Pettit, Verizon

Building an AppSec Practice in a Fast-moving Environment: The Power of On-premises and as a Service Panel Facilitator: Stan Wisseman Panelists: Troy Bowen, Verizon Steve Pettit, Verizon #MicroFocusCyberSummit Michael Gutsche, Micro Focus A

418 views • 10 slides
Mitigating Vulnerabilities Lucas von Stockhausen, Senior Product Manager & Application

Mitigating Vulnerabilities Lucas von Stockhausen, Senior Product Manager & Application

Prioritizing Risk Relative to Mitigating Vulnerabilities Lucas von Stockhausen, Senior Product Manager & Application Security Strategist Jimmy Rabon, Senior Product Manager #MicroFocusCyberSummit Understanding Risk Relative to Remediation

281 views • 25 slides
A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance

A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance

A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance Michael Gutsche, Cybersecurity Strategy Peter Bronson, Cybersecurity Strategy #MicroFocusCyberSummit This document contains forward looking

245 views • 21 slides
AppSec at High Speed and Scale Agility, Integration & Automation Scott Johnson, Fortify GM

AppSec at High Speed and Scale Agility, Integration & Automation Scott Johnson, Fortify GM

AppSec at High Speed and Scale Agility, Integration & Automation Scott Johnson, Fortify GM #MicroFocusCyberSummit Forward Looking Statements: Legal Disclaimer This document contains forward looking statements This document contains forward

410 views • 29 slides

More recommend