RSA SecurWorld Security Analytics: Product Introduction • SecurWorld Sales Associate Security Management • Sales Process • Solutions • Product Introduction • Messaging
Instructions For Completing This Training • This training consists of: • A self-paced learning format • User-interface • Player controls • Course continuation • Attachments Note: These reference documents are RSA Confidential; made available to you because you have been authorized to take this training. These documents are not for general distribution.
Learning Objectives Upon completion of this course, you should be able to: • Describe Security Analytics • Define the marketplace • Articulate Security Analytics differentiators • Guide customers through migration process
Current State • Market opportunity • Customer challenges • Negative consequences Current State Future State The RSA Solution Discovery Proof Points
What is RSA Security Analytics? A new way forward for SIEM Big Data Analytics Threat Intelligence Network Security Monitoring SIEM Monitoring • Unified platform for: • Security Monitoring • Incident investigations • Compliance Reporting
RSA’s Product Strategy in a Nutshell Way beyond what enVision and NetWitness can offer today
Before Scenarios • Security tools cannot discover advanced threats • Investigations lack data • Proving compliance is resource intensive
Negative Consequences • Attackers have too much free time • Compliance costs too much, delivers too little • Investigations are too hard to conduct
Future State • How Security Analytics improves the security posture • Positive business outcomes • Solutions requirements • Success metrics
After Scenarios • Improved, enterprise-scale threat detection • Investigations are conducted in minutes vs. days • Proving compliance as an outcome of good security practices
Positive Business Outcomes • Reduces attacker free time and attack impact • Improves analyst effectiveness and efficiency • Reduces cost of proving compliance [Figure: timeline from "Attack begins" to "Attack identified" showing attack time, attacker free time and response time; need to collapse free time]
Required Capabilities • Single platform for logs, network sessions, and business context • Collection, management, and analysis of big data • Analytic workbench for security analysts • Real-time fusion of external threat intelligence • Must be able to leverage business context to prioritize the work • Automated generation of compliance reports
The RSA Solution • How Security Analytics delivers • Basic SA architecture • SA integration with RSA Archer and RSA Data Loss Prevention • Differentiators
How We Do It • Unified Platform: Security monitoring, Incident investigations, Compliance reporting • Comprehensive Visibility: Enterprise scale, Log management, Full network sessions • High-powered Analytics: Real-time metadata-based analytics, Automated compliance reporting • Integrated Intelligence: Fuses threat intelligence with collected data
How We Do It • Unified platform for security monitoring, incident investigations and compliance reporting • See data you didn’t see before, understand data you didn’t even consider before [Diagram labels: Network Security Monitoring, High Powered Analytics, Big Data Infrastructure, Integrated Intelligence, RSA Security Analytics, Fast & Powerful Analytics, Logs & Packets, Unified Interface, Analytics Warehouse, SIEM, Compliance Reports, Device XMLs, Log Parsing]
RSA Security Management Solution • Security Analytics is a key component
How We Do It Better/Differentiators • Speed and smarts to deal with advanced threats • Combines logs and full network packet capture • Fusion of threat intelligence • Integrated malware analytics • Business context to prioritize
RSA Solution Integration • RSA Archer GRC: Asset Criticality Intelligence Feeds • RSA DLP: Data Discovery Feeds
Discovery • Discover and qualify opportunities • Review the target marketing • Discovery questions
Target Markets And Industries • Vertical targets: government, banking, financial services, energy, defense, retail, technology, manufacturing, service providers, MSSPs, healthcare • Target market: medium to large organizations with highly valuable or sensitive data/IP • Existing SOC program • Existing SIEM program
Discovery Questions • Are you planning to build a SOC? • Do you have a team of security analysts? • Do you have a SIEM? Does it work well? • How do you detect advanced/targeted attacks? • How do you investigate security incidents?
Proof Points • Proof points
Dept. of Health and Human Services • Business Case: Centralize security management of 500k+ access points • Objective: Identify and respond in real-time to malicious attacks, APTs • Issue: Malicious attacks are a fact of life for all gov’t agencies • Results: Within 6 months, detected threats and resolved them before damage.