IoT Security Part 2, The Malware - Community.microfocus

Upload by : Brady Himes

IoT Security Part 2, The Malware
June, 2016
Angelo Brancato, Chief Technologist – HPE Security
angelo.brancato@hpe.com
Mobile: 49 174 1502278
CISSP, CISM, CCSK

This Presentation is recorded: https://youtu.be/AVwCZF84gew

HPE Secure IoT Application Lifecycle (Replay Part 1, The Data)
HPE ADM, ITOM and Security solutions provide a secure IoT Application Lifecycle
- HPE Security ArcSight (Security Intelligence)
- HPE ITOM (IT Operations Management)
- HPE Security Fortify (Application Security)
- HPE Security – Data Security (Voltage/Atalla)
- HPE Aruba (Communication Security)
- HPE ADM (Application Delivery Management)
Diagram labels: IoT Endpoints, Edge Computing, Connectivity, IoT Cloud / Platform, Visualization; Data, Applications, Communication, Users

HPE Secure IoT Application Lifecycle
HPE ADM, ITOM and Security solutions provide a secure IoT Application Lifecycle
- HPE Security ArcSight (Security Intelligence)
- HPE ITOM (IT Operations Management)
- HPE Security Fortify (Application Security)
- HPE Security – Data Security (Voltage/Atalla)
- HPE Aruba (Communication Security)
- HPE ADM (Application Delivery Management)
Diagram labels: IoT Endpoints, Edge Computing, Connectivity, IoT Cloud / Platform, Visualization; Data, Applications, Communication, Users

HPE Secure IoT Application Lifecycle – Security Intelligence
- HPE Security ArcSight (Security Intelligence)
- HPE Security Fortify (Application Security)
- HPE Security – Data Security (Voltage/Atalla)
- HPE Aruba (Communication Security)
Diagram labels: IoT Endpoints, Edge Computing, Connectivity, IoT Cloud / Platform, IoT Platform, Visualization; Data, Applications, Communication, Users

HPE Secure IoT Application Lifecycle – Security Intelligence
- HPE Security ArcSight (Security Intelligence)
Diagram labels: IoT Endpoints, Edge Computing, Connectivity, IoT Cloud / Platform, IoT Platform, Visualization, Log Data

Security Intelligence - What is Security Analytics?
Diagram labels: Streams of Data, Rivers of Data, Ocean of Data / Data Lake


Security Intelligence - What is Security Analytics?
Tactical Level
Streams of Data, e.g.:
- Users
- Clients, Servers
- Applications
- Firewalls, IDS/IPS, VPN, Routers, WLAN
- IoT Edge Devices, Sensors, Actuators

Security Intelligence - What is Security Analytics?
Operational Level
Real-time correlation of known attack patterns
Diagram labels: Streams of Data, Rivers of Data
[Screenshot: Sample ArcSight correlation rule]

Security Intelligence - What is Security Analytics?
Operational Level
ArcSight ESM: Real-time correlation of known attack patterns
Some ArcSight Key Differentiators:
- True Real-Time and Contextual Correlation
- Pre-Defined Use Cases (correlation rules) and Content Sharing Platform
- 400 supported event sources
- Flex-Connector
- Normalization / Categorization
- Guaranteed Event Delivery and Event Load-Balancing
- Multi-Tenancy
Diagram labels: Streams of Data, Rivers of Data

Security Intelligence - What is Security Analytics?
- Tactical Level: Ubiquitous, reliable and scalable event collection and normalization, Remediation
- Operational Level: ArcSight ESM
- Strategic Level: Hunt Team. Hunt for yet unknown attack patterns in the Big Data Lake. Feed back to Operational Level, creation of real-time correlation rules
Diagram labels: Streams of Data, Rivers of Data, Ocean of Data / Data Lake

Security Intelligence - What is Security Analytics?
- Tactical Level: Ubiquitous, reliable and scalable event collection and normalization, Remediation
- Operational Level: ArcSight ESM
- Strategic Level: Hunt Team. Hunt for yet unknown attack patterns in the Big Data Lake. Feed back to Operational Level, creation of real-time correlation rules
- DMA: ArcSight DNS Malware Analytics, Hunt Team In-A-Box
Diagram labels: Streams of Data, Rivers of Data, Ocean of Data / Data Lake

HPE ArcSight DMA – DNS Malware Analytics Overview

HPE ArcSight – DNS Malware Analytics (DMA)
- HPE Security ArcSight (Security Intelligence)
- HPE ArcSight DNS Malware Analytics (DMA)
Diagram labels: IoT Endpoints, Edge Computing, Connectivity, IoT Cloud / Platform, IoT Platform, Visualization, DNS Data, DMA

Challenges in Collecting & Monitoring DNS Data
Why is DNS monitoring a hard problem for Enterprise Environments?
- The right information is not logged
- Logging severely impacts performance of the DNS Infrastructure
- Volume! 18-20 Billion DNS packets move through HPE’s core data centers every day
- Every new employee, device, server etc. only adds to the total
[Chart: Case Study, HPE – 2013-2016, Events per second by source (Routers, VPN, McAfee ePO, Active Directory, Web Proxy, DNS); data labels as extracted: 220,000, 14,000, 3,000, 200, 80, 7]

HPE ArcSight – DNS Malware Analytics (DMA)
- Network Tap
- DNS Capture Module
- Easy to install pre-configured appliance
- Local DNS Preprocessing, Filter out 99% of traffic
- Statistics and diagnostics
- Secure communication
- HPE Analytics Cloud
- Constantly analyze DNS data for security threats
- Data visualization & exploration
- Web-based detail & visual drill down
- Alerting (Infected Systems)
- ArcSight REST connector, Secure communication
- ArcSight ADP/ESM
- Manual or automatic remediation
- HPE Aruba ClearPass
Diagram labels: On-Site, Cloud, IoT Endpoints, Edge Computing, Connectivity, IoT Cloud / Platform, IoT Platform, Visualization

HPE ArcSight – DNS Malware Analytics (DMA) Recap
DMA is a solution that:
- provides high fidelity – very low to zero false-positive rate
- enables Operational Staff (L1) to mitigate/remediate
- fits into an existing SOC infrastructure without expansion
DMA is an automated service to detect and identify hosts (things) that:
- are positively infected with malware, bots, or other unknown threats
- are trying to contact Command and Control (C&C) Servers or exfiltrate data
- other signature based perimeter or internal security products have not detected

Thank You!
Angelo Brancato, Chief Technologist – HPE Security
angelo.brancato@hpe.com
Mobile: 49 174 1502278
hpe.com/security
CISSP, CISM, CCSK

HPE Secure IoT Application Lifecycle
Diagram labels: IoT Endpoints, Connectivity, Edge Computing, Visualization, IoT Cloud / Platform
- HPE Security ArcSight (Security Intelligence)
- HPE Security Fortify (Application Security)
- HPE Security - Data Security (Voltage/Atalla)
- HPE Aruba (Communication Security)
- HPE ADM (Application Delivery Management)
- HPE ITOM (IT Operations Management)
