
RedSeal Security Analytics for Digital Resilience

RedSeal provides a security analytics platform for digital resilience, helping organizations understand, manage, and defend their networks against cyber threats. Learn more about our role in providing security analytics and how we work with your ecosystem. Fill in our survey for a chance to win a 12-year-old Scotch.

carrc

Presentation Transcript


  1. RedSeal Security Analytics for Digital Resilience

  2. Agenda • Meet the team • Complexities in Today's Environment • RedSeal role in providing security analytics for digital resilience • How we work with your Ecosystem • Three things to remember about RedSeal • Fill in Survey - Win a 12 yr old Scotch • Questions?

  3. RedSeal: Security Analytics Platform for Digital Resilience

  4. Data Breaches Are Accelerating [Figure: bubble chart, "World's Biggest Data Breaches: 2004-2014". Size of bubble reflects number of records breached, which are listed for largest breaches. Horizontal axis: 2004 to 2014 and latest.] Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

  5. Full Network Understanding and Measurement are Essential Steps to Bridge this IT/Security Gap • Cybersecurity challenges far exceed an organization’s human abilities to effectively understand, manage, and defend their networks • Perimeter security is necessary but no longer sufficient • Management practices have not evolved • $75B per year in point solutions don’t work • Organizations need a systemic solution for a systemic problem • Effective management requires measurement, and effective measurement requires full network understanding • Full network understanding provides context • Scoring your network security provides a framework • Network understanding and metrics underpin a rigorous management program

  6. Cyber Attacks Increasing in Frequency and Magnitude • Giant Home Depot data breach court battle kicks off – Fortune • JPMorgan CEO Jamie Dimon asks for help with data breaches after spending $250m on security in 2013 – Huffington Post • Lawsuits say Sony Pictures should have expected security breach – CNN • Target CEO fired—can you be fired if your company is hacked? – Forbes

  7. Cybersecurity Today Lots of tools and data make it difficult to: • Make sense of the information • Skills shortage • Sheer scale • Prioritize actions • Efficiently demonstrate compliance • Measure effectiveness

  8. A day in the life of a CISO

  9. RedSeal Platform: Create a Model of Your “As-Built” Network [Diagram: network zones Remote, Extranet, DMZ, Company, Core, Partners, Lab, Data Center; inputs to RedSeal: routers, firewalls, switches, load balancers, network configuration managers, host and vulnerability data, cloud “configs”]

  10. RedSeal Delivers the Digital Resilience to Close the Gap [Figure: chart of network elements (thousands, scale 10 to 10,000,000) against years 1990 to 2020; labelled in order: LANs, WiFi, Cellular, Cloud, IoT; reference line: Human Understanding without Assistance]

  11. Increasing Network Complexity • LEGACY INFRASTRUCTURE AND ACQUISITIONS • You don’t always know what you have. • CLOUD DEPLOYMENTS • Less control over infrastructure-as-a-service • SOFTWARE DEFINED DATACENTERS • Difficult to keep security controls current in these dynamic environments [Diagram labels: SDN, Load Balancers]

  12. Large and Complex Networks Breed Opportunities for Breaches • Increasing network complexity • Legacy infrastructure and acquisitions • Cloud deployments • Software-defined data centers • Unknown and unmanaged network and security assets • Proliferation of new applications • Unpatched or out-of-date services • Shifting regulatory environment • Human error

  13. Ask Yourself: Is My Network Secure? • How easily can attackers get in and move around? • How big is my attack surface? • What vulnerabilities should I address first? • What is the impact of change? • How much of my infrastructure is compliant? • Will my network be safer tomorrow?

  14. RedSeal: Cybersecurity Analytics for Digital Resilience • Accelerate response to vulnerabilities and incidents • Establish standard policies and verify compliance • Measure, benchmark and set targets • Understand your network with as-built model

  15. Step 1: Understand Your Network [Diagram: zones Remote, Extranet, DMZ, Company, Core, Partners, Lab, Data Center; legend: Allowed access, Unintended access; callouts: “Advanced, secret lab”, “Discontinued protocol still active”]

  16. Step 2: Measure, Benchmark and Set Targets • Resilience score • Smartphone application • Trending • Share throughout enterprise IT

  17. Step 3: Establish standards and policies and verify compliance • Key controls for: – Credit cards (PCI DSS) – Critical infrastructure (NERC CIP) – Federal Information Systems (NIST 800-53) – DoD security guides (DISA’s STIGs) – Health care (HIPAA) • Benefit: More efficient and effective compliance initiatives – Fast – Automatic – Continuous – Cost effective • Major control areas: – Network segmentation – Vulnerability scans and penetration tests – Configuration hardening

  18. Step 4: Accelerate Response to Incidents and Vulnerabilities • Identify ingress and egress [Diagram: zones Remote, Extranet, DMZ, Company, Core, Partners, Lab, Data Center; callouts: “Indicator of compromise: directly reachable”, “IoC”, “Indirectly reachable critical system”]

  19. RedSeal Platform Enables Multiple Enterprise Security Functions • Incident response – Quickly assess “blast radius” – Identify remediation options • Security access, compliance – Continuous compliance – Eliminate manual data • Executive management – Metrics and benchmarks toward goals • Vulnerability management – Improved prioritization – Automated reporting • Network and security operations – Troubleshooting – Configuration validation [Center of diagram: Accelerate response to vulnerabilities and incidents; Establish standard policies and verify compliance; Measure, benchmark and set targets; Understand your network with as-built model]

  20. RedSeal Product Vision • Security Analytics Platform that provides digital resilience through an integrated model of your ecosystem. • Common model across Networking, Security, & Compliance [Diagram labels: Data Center Security, IT Service, SIEM, HP ArcSight, IT Infrastructure, Vulnerability Managers, Network Devices, RedSeal]

  21. RedSeal Integrates With Vulnerability Management Solutions • Integrates vulnerability scan data • Import vulnerability information and system configurations • Improves existing products • Identify unknown, unscanned systems • Flag stale scan data • Adds value • Network context aids in prioritization • Analysis of detailed traffic paths identifies alternate remediations • Patching • Firewall rule changes • Segmentation • Isolation or shutdown system(s)

  22. RedSeal Discovers Unmanaged, Unscanned Hosts [Diagram: zones Remote, Extranet, DMZ, Company, Core, Partners, Lab, Data Center; callouts: “Unscanned subnets”, “Newly deployed cloud infrastructure”, “Advanced secret lab”]

  23. RedSeal Provides Network Access Context to Prioritize Vulnerabilities [Diagram: zones Remote, Extranet, DMZ, Company, Core, Partners, Lab, Data Center; legend: Unapproved, forbidden access; Approved, planned access; servers marked CVSS 6, CVSS 7 and CVSS 4] Callout on the CVSS 4 server: Vulnerabilities on this server should be considered “high risk” – there is an unauthorized access path to it

  24. Leverage Your Security Products (network information sources and the RedSeal value generated) • ROUTERS, FIREWALLS, LOAD BALANCERS, CONFIGURATION MANAGEMENT DATABASES: Calculates your actual security posture (policy) • CLOUD INFRASTRUCTURE SECURITY: Verifies access rules for Cloud-based hosts and data • VULNERABILITY MANAGEMENT: Looks at reachability and asset value and identifies which vulnerabilities should be fixed first.

  25. RedSeal Selected Customer Snapshot (1/2016) • TECHNOLOGY • RETAIL • FINANCE • FEDERAL • UTILITIES & SPs

  26. Problems solved by RedSeal • Federal government • Problem: Discontiguous wildcard masks in ACLs, cloned across routers • RedSeal solution: Pinpointed precise configuration settings with this error • Hotel chain • Problem: Remote server rebooting, 6-month investigation could not identify cause • RedSeal solution: Identified duplicate IP/mirrored system with failover executing • Retail • Problem: Delays in detecting “left open” ACLs in store routers until IDS traffic spike • RedSeal: Daily monitoring/detection of “forbidden” access • Consumer electronics • Problem: Reconstructed network after breach required “flawless” security • RedSeal solution: Continual validation of security policies while rebuilding network

  27. Three Things to Remember • RedSeal organizes past investments • RS provides actionable intelligence into today’s operational environment • RS is a staging platform for designing controls into new IT investments (Network Development Lifecycle) (Deploy new infrastructure – Securely)

  28. Don’t Forget to Fill in Survey • Thanks

  29. RedSeal The Measure of Resilience redseal.co
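
The prioritization idea from slides 18 and 23 (a low-CVSS finding becomes urgent when an unapproved access path reaches it), as an added example that is not RedSeal's code or algorithm. Zone names follow the slide diagrams; the hosts, the access edges, the approved policy and the ranking rule are constructed assumptions.

```python
from collections import deque

# Constructed as-built model: zone -> zones it can actually open connections to.
AS_BUILT = {
    "Remote": {"DMZ"},
    "Extranet": {"DMZ", "Lab"},   # Extranet -> Lab is configured but not approved
    "DMZ": {"Company"},
    "Lab": {"Data Center"},       # Lab -> Data Center is configured but not approved
}
# Constructed policy: the approved, planned zone-to-zone access.
APPROVED = {("Remote", "DMZ"), ("Extranet", "DMZ"), ("DMZ", "Company")}
UNTRUSTED = {"Remote", "Extranet"}
# Constructed scan findings: (host, zone, CVSS base score).
FINDINGS = [("web01", "DMZ", 6.0), ("app01", "Company", 7.0),
            ("db01", "Data Center", 4.0), ("core01", "Core", 9.0)]

def hops_from(sources, edges):
    """Multi-source BFS: fewest hops from any source zone to each reachable zone."""
    dist = {zone: 0 for zone in sources}
    queue = deque(sources)
    while queue:
        zone = queue.popleft()
        for nxt in edges.get(zone, ()):
            if nxt not in dist:
                dist[nxt] = dist[zone] + 1
                queue.append(nxt)
    return dist

def prioritize(findings, as_built, approved, untrusted):
    """Rank findings: unapproved exposure first, then CVSS within each class."""
    planned = {z: {n for n in nbrs if (z, n) in approved}
               for z, nbrs in as_built.items()}
    actual = hops_from(untrusted, as_built)    # what the network really allows
    intended = hops_from(untrusted, planned)   # what policy says it should allow
    rank = {"unauthorized path": 0, "approved path": 1, "not reachable": 2}
    rows = []
    for host, zone, cvss in findings:
        if zone not in actual:
            exposure = "not reachable"
        elif zone not in intended:
            exposure = "unauthorized path"
        else:
            exposure = "approved path"
        rows.append((host, zone, cvss, exposure))
    return sorted(rows, key=lambda r: (rank[r[3]], -r[2]))

if __name__ == "__main__":
    for host, zone, cvss, exposure in prioritize(FINDINGS, AS_BUILT, APPROVED, UNTRUSTED):
        print(f"{host:7} {zone:12} CVSS {cvss:<4} {exposure}")
```

With this sample data the CVSS 4 host in the Data Center is listed first, because the as-built graph reaches it from Extranet through Lab while the approved policy does not.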
