IBM Security Systems




  IBM Security
  Intelligence, Integration and Expertise

  Vaughan Harper
  IBM Security Architect


  22 February, 2012




© 2012 IBM Corporation


The world is becoming more digitized and interconnected,
opening the door to emerging threats and leaks…

DATA EXPLOSION: The age of Big Data – the explosion of digital information – has arrived and is facilitated by the pervasiveness of applications accessed from everywhere

CONSUMERIZATION OF IT: With the advent of Enterprise 2.0 and social business, the line between personal and professional hours, devices and data has disappeared

EVERYTHING IS EVERYWHERE: Organizations continue to move to new platforms including cloud, virtualization, mobile, social business and more

ATTACK SOPHISTICATION: The speed and dexterity of attacks has increased coupled with new actors with new motivations from cyber crime to terrorism to state-sponsored intrusions



Targeted Attacks Shake Businesses and Governments

[Figure: timeline of breaches from Feb to Aug, plotted by attack type. Size of circle estimates relative impact of breach.]

Attack types in the legend: SQL Injection, URL Tampering, Spear Phishing, 3rd Party SW, DDoS, Secure ID, Unknown

Organizations shown: HB Gary, RSA, Epsilon, L3 Communications, Sony, Fox News, X-Factor, Sony BMG Greece, Citigroup, Northrop Grumman, Lockheed Martin, Bethesda Software, IMF, Italy PM Site, Spanish Nat. Police, Sega, Gmail Accounts, PBS, SOCA, Nintendo, Malaysian Gov. Site, Peru Special Police, Brazil Gov., Turkish Government, AZ Police, US Senate, NATO, Booz Allen Hamilton, Monsanto, SK Communications Korea, Vanguard Defense

Source: IBM Security X-Force® 2011 Midyear Trend and Risk Report, September 2011



IT Security is a board room discussion




    Business results: Sony estimates potential $1B long term impact – $171M / 100 customers*
    Brand image: HSBC data breach discloses 24K private banking customers
    Supply chain: Epsilon breach impacts 100 national brands
    Legal exposure: TJX estimates $150M class action settlement in release of credit / debit card info
    Impact of hacktivism: Lulzsec 50-day hack-at-will spree impacts Nintendo, CIA, PBS, UK NHS, UK SOCA, Sony …
    Audit risk: Zurich Insurance PLc fined £2.275M ($3.8M) for the loss and exposure of 46K customer records

    *Sources for all breaches shown in speaker notes


Solving a security issue is a complex, four-dimensional puzzle


    People: Employees, Consultants, Hackers, Terrorists, Outsourcers, Customers, Suppliers
    Data: Structured, Unstructured, At rest, In motion
    Applications: Systems applications, Web applications, Web 2.0, Mobile apps
    Infrastructure

    It is no longer enough to protect the perimeter – siloed point products will not secure the enterprise



In this “new normal”, organizations need an intelligent view of their
security posture

[Figure: security maturity model. Axes: Manual to Automated and Reactive to Proactive. Stages: Basic, Proficient, Optimized, leading to Security Intelligence.]

    Basic: Organizations employ perimeter protection, which regulates access and feeds manual reporting
    Proficient: Security is layered into the IT fabric and business operations
    Optimized: Organizations use predictive and automated security analytics to drive toward security intelligence



IBM Security: Delivering intelligence, integration and expertise across a
comprehensive framework




     Only vendor in the market with end-to-end coverage of the security foundation
     6K+ security engineers and consultants
     Award-winning X-Force® research
     Largest vulnerability database in the industry

     Intelligence ● Integration ● Expertise



Intelligence: Leading products and services in every segment






Expertise: Unmatched global coverage and security awareness




         [Figure: world map. Legend: Security Operations Centers, Security Research Centers, Security Solution Development Centers, Institute for Advanced Security Branches, IBM Research]

         World Wide Managed Security Services Coverage
         20,000+ devices under contract
         3,700+ MSS clients worldwide
         9B+ events managed per day
         1,000+ security patents
         133 monitored countries (MSS)



Problem #1: Passwords…

       Most users need to log on to multiple systems to do their job
       It takes time to log on to each system
       It’s difficult to remember all the passwords
       It’s impossible to remember all your passwords if they’re all strong, all
       different, and some are used infrequently
       Volume of different applications (17 applications for one user we were
       talking to)








             Demonstration…






Latest IBM Security Access Manager for Enterprise Single Sign-On
Desktop Single Sign-On, Strong Authentication and Fine-Grained User Activity Audit Logs



Simplify password management and
strengthen end user security
     Business challenge
     Reduce help desk costs, improve productivity and strengthen
     security on traditional, virtual, shared desktop environments


     Key solution highlights
     • Virtual Appliance for faster time to value
       - Easier deployment and management leading to lower TCO
     • Virtualized desktop and application virtualization support
       - Support VMware View, IBM Virtual Desktop for Smart Business
       - Desktop access to virtualized MSFT App-V or Citrix XenApp
     • Wider platform support
       - Support for Win 7 64-bit, Win 2008, Internet Explorer 8 & 9
     • Enhanced Strong Authentication Support
       - Hybrid RFID smart card, support for National IDs

     “IBM’s Security Access Manager for Enterprise Single Sign-On helped achieve a ROI of 244% over 3 years with a payback period of 11 months” (Large UK financial services company)



Problem #2: Badly developed websites…






Application Vulnerabilities Continue to Dominate
     Web application vulnerabilities represented the largest category in vulnerability
         disclosures (55% in 2008)
     In 1H09, 50.4% of all vulnerabilities are Web application vulnerabilities
     SQL injection and Cross-Site Scripting are neck and neck in a race for the top spot

     [Figure: Vulnerability Disclosures Affecting Web Applications (Cumulative, Year Over Year); horizontal axis 1998 to 2009 H1, vertical axis 0 to 18,000]

     IBM Internet Security Systems 2009 X-Force® Mid-Year Trend & Risk Report



Why Security Matters?
     ICO £500K fines from 6th April 2010
       New powers to impose fines of up to £500,000 for serious breaches of the DPA
       will come into force on 6 April

     Data Breach Notification Law approved by EU
       Member states required to introduce the new rules by May 2011

     PCI Compliance
       New prioritised approach in place, banks and card acquirers demanding
       progress
     Other Compliance
       Basel II, Sarbanes Oxley, ISO 27001 etc…
     Non-compliance reasons
       Reputational damage
       Fraud, etc






IBM Rational AppScan End-to-End Application Security
     REQUIREMENTS: Security Requirements Definition. Security requirements defined before design & implementation
     CODE: AppScan Source. Build security testing into the IDE
     BUILD: AppScan Source. Automate Security / Compliance testing in the Build Process
     QA: AppScan Tester. Security / compliance testing incorporated into testing & remediation workflows
     SECURITY: AppScan Standard. Security & Compliance Testing, oversight, control, policy, audits
     PRODUCTION: AppScan onDemand (SaaS). Outsourced testing for security audits & production site monitoring

     AppScan Enterprise / Reporting Console (enterprise-wide scanning and reporting)

     Application Security Best Practices



IBM Rational AppScan End-to-End Application Security

     IBM Rational AppScan: A Web Application Security Scanner
     – Helps users find and remediate application-layer security issues in their web applications & web services

     IBM Rational AppScan Standard or Express Edition
     – A standalone desktop application

     Who uses it?
     – Security Auditors and IT Security Teams - To reach beyond network security
     – QA engineers - To add Security to Functionality & Performance testing
     – Developers (to a lesser extent) – Wanting to be proactive about security

     SECURITY stage: AppScan Standard (Security & Compliance Testing, oversight, control, policy, audits)



How does AppScan work?

          Approaches an application as a black box
          Traverses a web application and builds the site model
          Determines the attack vectors based on the selected Test policy
          Tests by sending modified HTTP requests to the application and examining the HTTP response according to validation rules

          [Diagram: an HTTP Request is sent to the Web Application and the HTTP Response is returned]
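
The crawl, mutate and validate loop described above, as an added example that is not part of the original slides and is not AppScan's code: a toy scanner run against a constructed in-process application. The routes, probe values and policy names are assumptions made for the illustration.

```python
"""Toy black-box scan loop: crawl, build a site model, mutate requests, validate responses.
The application, routes, probes and policy names are constructed for illustration."""
import html
import re
from urllib.parse import parse_qsl, urlencode, urlsplit


def toy_app(url):
    """Constructed stand-in for the application under test. Returns (status, body)."""
    parts = urlsplit(url)
    q = dict(parse_qsl(parts.query, keep_blank_values=True))
    if parts.path == "/":
        return 200, ('<a href="/search?q=books">search</a> '
                     '<a href="/item?id=1">item</a> '
                     '<a href="/about?lang=en">about</a>')
    if parts.path == "/search":   # flaw: reflects input without HTML-encoding it
        return 200, "<p>Results for %s</p>" % q.get("q", "")
    if parts.path == "/item":     # flaw: discloses a database error on malformed input
        if not q.get("id", "").isdigit():
            return 500, "SQL syntax error near '%s'" % html.escape(q.get("id", ""))
        return 200, "<p>Item %s</p>" % q["id"]
    if parts.path == "/about":    # correct: encodes what it reflects
        return 200, "<p>Language: %s</p>" % html.escape(q.get("lang", ""))
    return 404, "not found"


def crawl(send, start="/"):
    """Step 2: traverse links and return the site model {path: {param: sample_value}}."""
    model, queue, seen = {}, [start], set()
    while queue:
        url = queue.pop()
        if url in seen:
            continue
        seen.add(url)
        parts = urlsplit(url)
        model.setdefault(parts.path, {}).update(parse_qsl(parts.query))
        status, body = send(url)
        if status == 200:
            queue.extend(re.findall(r'href="([^"]+)"', body))
    return model


# Step 3: the test policy selects which probes run and how each response is judged.
MARKER = "zq9<b>x</b>"   # inert markup probe: shows whether output is HTML-encoded
TEST_POLICY = {
    # test name: (value substituted for the parameter, validation rule on the response)
    "reflected-markup": (MARKER, lambda status, body: MARKER in body),
    "db-error-disclosure": ("1'", lambda status, body:
                            status >= 500 and "SQL syntax" in body),
}


def scan(send, model, policy):
    """Step 4: send one modified request per (parameter, test) and validate the response."""
    findings = []
    for path, params in model.items():
        for name in params:
            for test, (probe, is_finding) in policy.items():
                mutated = dict(params, **{name: probe})
                status, body = send(path + "?" + urlencode(mutated))
                if is_finding(status, body):
                    findings.append((path, name, test))
    return sorted(findings)


def run():
    """Crawl the toy application, then test every discovered parameter."""
    return scan(toy_app, crawl(toy_app), TEST_POLICY)


if __name__ == "__main__":
    for path, param, test in run():
        print("%-8s param=%-4s finding=%s" % (path, param, test))
```

The `/about` route produces no finding because it encodes the probe before reflecting it, which is the behaviour the two flawed routes lack.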




The ROI of Application Security Testing
      Cost Savings – of testing early in the development process
      • 80% of development costs are spent identifying and correcting defects
      • Testing for vulnerabilities earlier in the development process can help avoid that unnecessary expense
      • Cost of finding & fixing problems: code stage is $25, QA/Testing is $450, Production $16,000 *
      • E.g.: 50 applications annually & 25 issues per application, testing at code stage saves $780,000 over testing at QA stage.

      Cost Savings – of automated vs manual testing
      • Automated testing provides tremendous productivity savings over manual testing
      • Automated source code testing with periodic penetration testing allows for cost effective security analysis of applications
      • Outsourced audits can cost $10,000 to $50,000 per application
      • At $20,000 an app, 50 audits will cost $1M.
      • With 1 hire + 4 quarterly outsourced audits (ex: $120,000+$80,000), $800,000/yr can be saved (less the cost of testing software)

      Cost Avoidance – of a security breach
      • Costs as a result of a security breach can include (but are not limited to) audit fees, legal fees, regulatory fines, lost customer revenue and brand damage
      • The cost to companies is $202 per compromised record**
      • The average cost per data breach is $6.6 Million**

      * Source: Capers Jones, Applied Software Measurement, 1996
      ** Source: Ponemon Institute, Privacy Rights Clearinghouse, 2008



AppScan Product Path


     AppScan Express (single user)
       -> More than 1 user: upgrade to floating licence
     AppScan Standard (floating user)
       -> Multiple users: several AppScan Standard (floating user) licences
       -> Enterprise wide reporting & visibility
     AppScan Reporting Console (enterprise-wide reporting)



Recent UK General Business sales…
     Q3 2011 – UK digital media production company
          A UK digital media production company had been using some open source tools for security
          testing and had suffered some recent security incidents that were driving them to improve their
          security posture
          Initial Demonstration of AppScan via webinar on 22nd August. Evaluation of AppScan completed
          via Webinars over following weeks. Deal for one licence of AppScan Standard Edition closed
          within the Quarter.




Q4 2011 – UK publishing company
         UK magazine company: increasing focus on online content is driving a greater need for security
         Initial Demonstration of AppScan via webinar during Oct. Evaluation of AppScan completed
         within 1 week via onsite visit on 16th November. Deal for one licence of AppScan Standard
         Edition closed within the quarter.





Problem #3: Managing workstations and servers…


              How long does it take you to…

                    …determine the number of PCs that are infected?

                    …patch all infected systems and protect the healthy ones?

                    …realize that a user/malware just uninstalled a critical patch?

                    …deploy patches not only on Windows but Linux, AIX, Solaris or Mac OS X?






Tivoli Endpoint Manager: See More, Secure More

     Tivoli Endpoint Manager for Security & Compliance
     • Asset Discovery and Visibility
     • Patch Management
     • Security Configuration Management
     • Vulnerability Management
     • Multi-Vendor Endpoint Protection Management
     • Network Self Quarantine

     Discover 10% - 30% more assets than previously reported
     Library of 5,000+ compliance settings, including support for FDCC SCAP, DISA STIG
     Automatically and continuously enforce policy at the end point
     Achieve 95%+ first-pass success rates within hours of policy or patch deployment



The Tivoli Endpoint Manager Approach

      [Figure: labels include PIPEDA/PIPA and ISO/IEC 27001]

      Reporting and Enforcement on 5,000+ Controls



TEM for SCM – Meeting Endpoint Compliance Requirements


 Requirement                                                                PCI            ISO 27001     CobIT    NIST 800-53
 Implement anti-malware and keep endpoints current                          5.1, 5.2       A12.6         DS5.9    SI-3
 Define, implement, and enforce security configuration baselines            2.1, 2.2, 6.2  A12.1, A15.2  DS9      CM-2,4,6
 Keep endpoints patched                                                     6.1            A12.6         DS5.9    CM-2
 Perform regular vulnerability scans and address findings                   11.2           A12.6         PO9.3    RA-5
 Keep a current network diagram, know when things are added to the network  1.1            A7.1          DS13.3   CM-8
 Install, maintain endpoint firewalls, NAC                                  1.4            A11.4         DS5.10   AC-19



Compliance Dashboard / Reporting

     • Real-time and historical visibility into the state of compliance
     • Identify critical gaps in compliance to defined policy
     • Customize dashboard to create different “lenses” into the compliance state
       • Computer Groups
       • Categories
       • Policy Templates
     • Drill-down into specific details of non-compliant or compliant systems
     • Compliance Focused executive reporting via web reports and DSS



Security & Compliance Customer Success Stories

     Financial Company
     • Failed internal audit of information security configuration compliance
     • Highly distributed infrastructure with centralized visibility and reporting
     • Customized SCM Controls to meet internal SCM requirements

     Retail Chain
     • Failed PCI Audit due to poor configuration policy enforcement
     • No visibility into system configurations and no ability to report on compliance status
     • No ability to enforce configuration standards across infrastructure
     • Leveraged SCM Controls to achieve PCI specific requirements

     Government Agency
     • Ongoing failures to secure systems and mitigate against threats caused by poorly configured and badly managed systems
     • Systems highly susceptible to internal abuse and external attack
     • Leveraged out-of-the-box DISA STIG SCM checklists to assess compliance and automate remediation of non-compliant systems.

2
8

           IBM Security Systems


     Problem #4: Network threats…
     IBM Security Research and Development: X-Force
The X-Force R&D team discovers and analyzes previously unknown vulnerabilities in critical software and infrastructure such as e-mail, networks, Internet applications, security protocols, business applications and VoIP.

In addition to its own research, X-Force reviews each published vulnerability in order to monitor the threat landscape, determine new attack vectors, and offer a higher level of protection.

One of X-Force’s publications is the quarterly Threat Insight report.




    Source: IBM X-Force Database





Preemptive Ahead of the Threat Security – backed up by data

Top 61 Vulnerabilities 2009
 • 341 – Average days Ahead of the Threat
 • 91 – Median days Ahead of the Threat
 • 35 – Vulnerabilities Ahead of the Threat
 • 57% – Percentage of Top Vulnerabilities Ahead of the Threat
 • 9 – Protection released post announcement
 • 17 – Same day coverage

1H2010 – Average days Ahead of the Threat increased to 437!






IBM Security Network IPS

 • IBM Security Network IPS is an Appliance
 • Core protection engine – Protocol Analysis Module (PAM) – delivers the most efficient IPS engine available
 • Vulnerability-based protection requires fewer detection algorithms than competitive solutions that require a new signature for every new exploit
 • Clients benefit with greater protection from fewer detection algorithms
     – Provides capacity for new features like Content Analysis and Web application security
     – Protection for older threats doesn’t have to be removed to maintain speed/performance
 • Clients benefit as X-Force continues to invest in PAM
     – Multithreaded version in development

IBM is the first vendor to secure three NSS Labs Gold Awards in a row
http://nsslabs.blogspot.com/2009/05/nss-awards-first-gold-in-5-years.html




IBM Virtual Server Protection for VMware
Integrated threat protection for VMware vSphere 4

5 Security Features
     – Rootkit Detection, Firewall, Intrusion Prevention, Virtual Network Admission Control, Auditing.

VSP cannot monitor host-based events (e.g. file integrity) which require local installation

VSP plugs into VMsafe and therefore cannot prevent threats to the underlying hardware and virtual network cards.








                                                               ibm.com/security


   © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes
   only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
   of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
   warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
   governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
   all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
   discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
   way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
   States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.


IBM Security Intelligence, Integration and Expertise

  • 1. IBM Security Systems IBM Security Intelligence, Integration and Expertise Vaughan Harper IBM Security Architect 22 February, 2012 © 2012 IBM Corporation 1 © 2012 IBM Corporation
  • 2. IBM Security Systems The world is becoming more digitized and interconnected, opening the door to emerging threats and leaks… The age of Big Data – the explosion of digital DATA information – has arrived and is facilitated by EXPLOSION the pervasiveness of applications accessed from everywhere With the advent of Enterprise 2.0 and social CONSUMERIZATION business, the line between personal and OF IT professional hours, devices and data has disappeared Organizations continue to move to new EVERYTHING platforms including cloud, virtualization, IS EVERYWHERE mobile, social business and more The speed and dexterity of attacks has ATTACK increased coupled with new actors with new SOPHISTICATION motivations from cyber crime to terrorism to state-sponsored intrusions 2 © 2012 IBM Corporation
  • 3. IBM Security Systems Targeted Attacks Shake Businesses and Governments Attack Type Bethesda Software SQL Injection URL Tampering Northrop Italy Grumman IMF PM Fox News Site Spear Phishing X-Factor 3rd Party SW Citigroup Spanish Nat. Sega DDoS Police Secure ID Gmail Booz Accounts Epsilon PBS Allen Hamilton Unknown Vanguard Sony PBS SOCA Defense Monsanto Malaysian Gov. Site Peru HB Gary RSA Lockheed Special Police Martin Nintendo Brazil Gov. L3 SK Communications Sony BMG Communications Size of circle estimates relative Greece Turkish Government Korea impact of breach AZ Police US Senate NATO Feb Mar April May June July Aug 3 IBM Security X-Force® 2011 Midyear Trend and Risk Report September 2011 © 2012 IBM Corporation
  • 4. IBM Security Systems IT Security is a board room discussion Business Brand image Supply chain Legal Impact of Audit risk results exposure hacktivism Sony estimates HSBC data Epsilon breach TJX estimates Lulzsec 50-day Zurich potential $1B breach impacts 100 $150M class hack-at-will Insurance PLc long term discloses 24K national brands action spree impacts fined £2.275M impact – private banking settlement in Nintendo, CIA, ($3.8M) for the $171M / 100 customers release of PBS, UK NHS, loss and customers* credit / debit UK SOCA, exposure of card info Sony … 46K customer records 4 *Sources for all breaches shown in speaker notes © 2012 IBM Corporation
  • 5. IBM Security Systems Solving a security issue is a complex, four-dimensional puzzle People Employees Consultants Hackers Terrorists Outsourcers Customers Suppliers Data Structured Unstructured At rest In motion Systems Applications Web applications Web 2.0 Mobile apps applications Infrastructure It is no longer enough to protect the perimeter – siloed point products will not secure the enterprise 5 © 2012 IBM Corporation
  • 6. IBM Security Systems In this “new normal”, organizations need an intelligent view of their security posture In Sec te u lli rit ge y nc e O Automated pt im iz ed Optimized Prr P Organizations use offi o predictive and ic i ci automated security en en analytics to drive toward tt security intelligence Basic Ba Manual Organizations s employ perimeter Proficient ic protection, which Security is layered regulates access and into the IT fabric and feeds manual reporting business operations Reactive Proactive 6 © 2012 IBM Corporation
  • 7. IBM Security Systems IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework Only vendor in the market with end-to- end coverage of the security foundation 6K+ security engineers and consultants Award-winning X-Force® research Largest vulnerability database in the industry Intelligence Intelligence ● ● Integration Integration ● ● Expertise Expertise 7 © 2012 IBM Corporation
  • 8. IBM Security Systems Intelligence: Leading products and services in every segment 8 © 2012 IBM Corporation
  • 9. IBM Security Systems Expertise: Unmatched global coverage and security awareness Security Operations Centers Security Research Centers Security Solution Development Centers Institute for Advanced Security Branches World Wide Managed IBM Research Security Services Coverage 20,000+ devices under contract 20,000+ devices under contract 3,700+ MSS clients worldwide 3,700+ MSS clients worldwide 9B+ events managed per day 9B+ events managed per day 1,000+ security patents 1,000+ security patents 133 monitored countries (MSS) 133 monitored countries (MSS) 9 © 2012 IBM Corporation
  • 10. IBM Security Systems Problem #1: Passwords… Most users need to log on to multiple systems to do their job It takes time to log on to each system It’s difficult to remember all the passwords It’s impossible to remember all your passwords if they’re all strong, all different, and some are used infrequently Volume of different applications (17 applications for one user we were talking to) 10 © 2012 IBM Corporation
  • 11. Demonstration…
  • 12. Latest IBM Security Access Manager for Enterprise Single Sign-On
      Desktop Single Sign-On, Strong Authentication and Fine-Grained User Activity Audit Logs
      Simplify password management and strengthen end user security
      Business challenge
      - Reduce help desk costs, improve productivity and strengthen security on traditional, virtual, shared desktop environments
      Key solution highlights
      - Virtual Appliance for faster time to value
          - Easier deployment and management leading to lower TCO
      - Virtualized desktops and applications virtualization support
          - Support VMware View, IBM Virtual Desktop for Smart Business
          - Desktop access to virtualized MSFT App-V or Citrix XenApp
      - Wider platform support
          - Support for Win 7 64-bit, Win 2008, Internet Explorer 8 & 9
      - Enhanced Strong Authentication Support
          - Hybrid RFID smart card, support for National IDs
      “IBM’s Security Access Manager for Enterprise Single Sign-On helped achieve a ROI of 244% over 3 years with a payback period of 11 months” (Large UK financial services company)
  • 13. Problem #2: Badly developed websites…
  • 14. Application Vulnerabilities Continue to Dominate
      - Web application vulnerabilities represented the largest category in vulnerability disclosures (55% in 2008)
      - In 1H09, 50.4% of all vulnerabilities are Web application vulnerabilities
      - SQL injection and Cross-Site Scripting are neck and neck in a race for the top spot
      [Chart: Vulnerability Disclosures Affecting Web Applications (Cumulative, Year Over Year), 1998 to 2009 H1]
      Source: IBM Internet Security Systems 2009 X-Force® Mid-Year Trend & Risk Report
  • 15. Why Security Matters?
      - ICO £500K fines from 6th April 2010: New powers to impose fines of up to £500,000 for serious breaches of the DPA will come into force on 6 April
      - Data Breach Notification Law approved by EU: Member states required to introduce the new rules by May 2011
      - PCI Compliance: New prioritised approach in place, banks and card acquirers demanding progress
      - Other Compliance: Basel II, Sarbanes Oxley, ISO 27001 etc…
      - Non-compliance reasons: Reputational damage, Fraud, etc
  • 16. IBM Rational AppScan End-to-End Application Security
      [Diagram: lifecycle stages REQUIREMENTS, CODE, BUILD, QA, SECURITY, PRODUCTION, under the banner “Application Security Best Practices”]
      Products shown: Security Requirements Definition; AppScan Source; AppScan Tester; AppScan Standard; AppScan onDemand (SaaS); AppScan Enterprise / Reporting Console (enterprise-wide scanning and reporting)
      Activities shown, in stage order:
      - Security requirements defined before design & implementation
      - Automate Security / Compliance testing in the IDE
      - Build security testing into the Build Process
      - Security / compliance testing incorporated into testing & remediation workflows
      - Security & Compliance Testing, oversight, control, policy, audits
      - Outsourced testing for security audits & production site monitoring
  • 17. IBM Rational AppScan End-to-End Application Security
      [Diagram: SECURITY stage, AppScan Standard: Security & Compliance Testing, oversight, control, policy, audits]
      IBM Rational AppScan: A Web Application Security Scanner
      - Helps users find and remediate application-layer security issues in their web applications & web services
      IBM Rational AppScan Standard or Express Edition
      - A standalone desktop application
      Who uses it?
      - Security Auditors and IT Security Teams: To reach beyond network security
      - QA engineers: To add Security to Functionality & Performance testing
      - Developers (to a lesser extent): Wanting to be proactive about security
  • 18. How does AppScan work?
      - Approaches an application as a black-box
      - Traverses a web application and builds the site model
      - Determines the attack vectors based on the selected Test policy
      - Tests by sending modified HTTP requests to the application and examining the HTTP response according to validation rules
      [Diagram: HTTP Request to Web Application, HTTP Response back]
  • 19. The ROI of Application Security Testing
      Cost Savings – of testing early in the development process
      - 80% of development costs are spent identifying and correcting defects
      - Testing for vulnerabilities earlier in the development process can help avoid that unnecessary expense
      - Cost of finding & fixing problems: code stage is $25, QA/Testing is $450, Production $16,000 *
      - E.g.: 50 applications annually & 25 issues per application, testing at code stage saves $780,000 over testing at QA stage.
      Cost Savings – of automated vs manual testing
      - Automated testing provides tremendous productivity savings over manual testing
      - Automated source code testing with periodic penetration testing allows for cost effective security analysis of applications
      - Outsourced audits can cost $10,000 to $50,000 per application
      - At $20,000 an app, 50 audits will cost $1M. With 1 hire + 4 quarterly outsourced audits (ex: $120,000+$80,000), $800,000/yr can be saved (less the cost of testing software)
      Cost Avoidance – of a security breach
      - Costs as a result of a security breach can include (but are not limited to) audit fees, legal fees, regulatory fines, lost customer revenue and brand damage
      - The cost to companies is $202 per compromised record**
      - The average cost per data breach is $6.6 Million**
      * Source: Capers Jones, Applied Software Measurement, 1996
      ** Source: Ponemon Institute, Privacy Rights Clearinghouse, 2008
  • 20. AppScan Product Path
      - AppScan Express (single user)
      - More than 1 user: Upgrade to floating licence, AppScan Standard (floating user)
      - Multiple users, enterprise wide reporting & visibility: AppScan Reporting Console (enterprise-wide reporting) over several AppScan Standard (floating user) installations
  • 21. Recent UK General Business sales…
      Q3 2011 – UK digital media production company
      - A UK digital media production company had been using some open source tools for security testing and had suffered some recent security incidents that were driving them to improve their security posture
      - Initial Demonstration of AppScan via webinar on 22nd August.
      - Evaluation of AppScan completed via Webinars over following weeks.
      - Deal for one licence of AppScan Standard Edition closed within the Quarter.
      Q4 2011 – UK publishing company
      - UK magazine company: increasing focus on online content is driving a greater need for security
      - Initial Demonstration of AppScan via webinar during Oct.
      - Evaluation of AppScan completed within 1 week via onsite visit on 16th November.
      - Deal for one licence of AppScan Standard Edition closed within the quarter.
  • 22. Problem #3: Managing workstations and servers…
      How long does it take you to…
      - …determine the number of PCs that are infected?
      - …patch all infected systems and protect the healthy ones?
      - …realize that a user/malware just uninstalled a critical patch?
      - …deploy patches not only on Windows but Linux, AIX, Solaris or Mac OS X?
  • 23. Tivoli Endpoint Manager: See More, Secure More
      Tivoli Endpoint Manager for Security & Compliance
      - Asset Discovery and Visibility
      - Patch Management
      - Multi-Vendor Endpoint Protection Management
      - Security Configuration Management
      - Vulnerability Management
      - Network Self Quarantine
      Highlights
      - Discover 10% - 30% more assets than previously reported
      - Library of 5,000+ compliance settings, including support for FDCC SCAP, DISA STIG
      - Automatically and continuously enforce policy at the end point
      - Achieve 95%+ first-pass success rates within hours of policy or patch deployment
  • 24. The Tivoli Endpoint Manager Approach
      [Diagram labels: PIPEDA/PIPA; ISO/IEC 27001]
      Reporting and Enforcement on 5,000+ Controls
  • 25. TEM for SCM – Meeting Endpoint Compliance Requirements

      | Requirement | PCI | ISO 27001 | CobIT | NIST 800-53 |
      |---|---|---|---|---|
      | Implement anti-malware and keep endpoints current | 5.1, 5.2 | A12.6 | DS5.9 | SI-3 |
      | Define, implement, and enforce security configuration baselines | 2.1, 2.2, 6.2 | A12.1, A15.2 | DS9 | CM-2,4,6 |
      | Keep endpoints patched | 6.1 | A12.6 | DS5.9 | CM-2 |
      | Perform regular vulnerability scans and address findings | 11.2 | A12.6 | PO9.3 | RA-5 |
      | Keep a current network diagram, know when things are added to the network | 1.1 | A7.1 | DS13.3 | CM-8 |
      | Install, maintain endpoint firewalls, NAC | 1.4 | A11.4 | DS5.10 | AC-19 |
  • 26. Compliance Dashboard / Reporting
      - Real-time and historical visibility into the state of compliance
      - Identify critical gaps in compliance to defined policy
      - Customize dashboard to create different “lenses” into the compliance state
          - Computer Groups
          - Categories
          - Policy Templates
      - Drill-down into specific details of non-compliant or compliant systems
      - Compliance Focused executive reporting via web reports and DSS
  • 27. Security & Compliance Customer Success Stories
      Financial Company
      - Failed internal audit of information security configuration compliance
      - Highly distributed infrastructure with centralized visibility and reporting
      - Customized SCM Controls to meet internal SCM requirements
      Retail Chain
      - Failed PCI Audit due to poor configuration policy enforcement
      - No visibility into system configurations and no ability to report on compliance status
      - No ability to enforce configuration standards across infrastructure
      - Leveraged SCM Controls to achieve PCI specific requirements
      Government Agency
      - Ongoing failures to secure systems and mitigate against threats caused by poorly configured and badly managed systems
      - Systems highly susceptible to internal abuse and external attack
      - Leveraged out-of-the-box DISA STIG SCM checklists to assess compliance and automate remediation of non-compliant systems.
  • 28. Problem #4: Network threats…
      IBM Security Research and Development: X-Force
      - X-Force R&D team discovers and analyzes previously unknown vulnerabilities in critical software and infrastructure such as: e-mail, networks, Internet applications, security protocols, business applications and VoIP.
      - In addition to its own research, X-Force reviews each published vulnerability in order to monitor the threat landscape, determining new attack vectors, and offering a higher level of protection.
      - One of X-Force’s publications is the quarterly Threat Insight report
      Source: IBM X-Force Database
  • 29. Preemptive Ahead of the Threat Security – backed up by data
      Top 61 Vulnerabilities 2009
      - 341: Average days Ahead of the Threat
      - 91: Median days Ahead of the Threat
      - 35: Vulnerabilities Ahead of the Threat
      - 57%: Percentage of Top Vulnerabilities – Ahead of the Threat
      - 9: Protection released post announcement
      - 17: same day coverage
      1H2010 – Average days Ahead of the Threat increased to 437!
  • 30. IBM Security Network IPS
      IBM Security Network IPS is an Appliance
      - Core protection engine – Protocol Analysis Module (PAM) – delivers the most efficient IPS engine available
      - Vulnerability-based protection requires fewer detection algorithms than competitive solutions that require a new signature for every new exploit
      - Clients benefit with greater protection from fewer detection algorithms
          - Provides capacity for new features like Content Analysis and Web application security
          - Protection for older threats doesn’t have to be removed to maintain speed/performance
      - Clients benefit as X-Force continues to invest in PAM
          - Multithreaded version in development
      IBM is the first vendor to secure three NSS Labs Gold Awards in a row
      http://nsslabs.blogspot.com/2009/05/nss-awards-first-gold-in-5-years.html
  • 31. IBM Virtual Server Protection for VMware
      Integrated threat protection for VMware vSphere 4
      - 5 Security Features – Rootkit Detection, Firewall, Intrusion Prevention, Virtual Network Admission Control, Auditing.
      - VSP cannot monitor host-based events (e.g. file integrity) which require local installation
      - VSP plugs into VMsafe and therefore cannot prevent threats to the underlying hardware and virtual network cards.
  • 32. ibm.com/security
      © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.