Publicidad
Check these out next
Cisco connect winnipeg 2018 accelerating incident response in organizations of any size
1 de Jun de 2018•0 recomendaciones•1,308 vistas
0 recomendaciones
Sé el primero en que te guste
ver más
vistas
Total de vistas
0
En Slideshare
0
De embebidos
0
Número de embebidos
0
Descargar para leer sin conexión
Denunciar
Tecnología
Cisco connect winnipeg 2018 accelerating incident response in organizations of any size
Cisco CanadaSeguir
Cisco CanadaPublicidad
Publicidad
Publicidad
Recomendados
Cisco connect winnipeg 2018 we make it simpleCisco Canada
Cisco connect winnipeg 2018 unlocking business value with network programma...Cisco Canada
Cisco Connect Halifax 2018 Accelerating incident response in organizations...Cisco Canada
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
Cisco Connect Halifax 2018 Anatomy of attackCisco Canada
Cisco Connect Toronto 2017 - Accelerating Incident Response in Organizations...Cisco Canada
Cisco connect winnipeg 2018 accelerating incident response in organizations of any size
- © 2016 Cisco and/or its affiliates. All rights reserved. 1 Accelerating Incident Response in organizations of Any Size April, 2018 Sean Earhard Advanced Threat Solution Specialist Jean-Paul Kerouanton Advanced Threat Solution CSE
- 2© 2016 Cisco and/or its affiliates. All rights reserved. 9:36AM
- 3© 2016 Cisco and/or its affiliates. All rights reserved. How does your current security infrastructure help you respond to incidents?
- 4© 2016 Cisco and/or its affiliates. All rights reserved. ANTIVIRUS ANTIVIRUS Vendors pumping out update after update after update after update… Firewall Web filter Email filter ANTIVIRUS SERVER consoles pumping out alert after alert after alert after alert… ! ! ! !
- 5© 2016 Cisco and/or its affiliates. All rights reserved. Typical Incident Response workflow
- 6© 2016 Cisco and/or its affiliates. All rights reserved. INVESTIGATE INCIDENTS RECOVER IMPROVE DEFENSE REDUCE THE ATTACK SURFACE ALERTS SECURITY ARCHITECTURE BLOCK
- 7© 2016 Cisco and/or its affiliates. All rights reserved. What we will show today
- 8© 2016 Cisco and/or its affiliates. All rights reserved.
- 9© 2016 Cisco and/or its affiliates. All rights reserved. Email Security ThreatGrid Umbrella SIG Cisco ISE NextGen Firewall Email Security AMP for Endpoints AMP AMP AMP AMP Cisco ISE Umbrella Investigate AMP AMP CISCO TALOS
- 10© 2016 Cisco and/or its affiliates. All rights reserved. Cisco ISE NextGen Firewall Cisco ISE Email Security AMP for Endpoints Cisco ISE Cisco ISE ThreatGrid Umbrella SIG Cisco ISE NextGen Firewall Email Security AMP for Endpoints CISCO TALOS AMP AMP AMP AMP Umbrella Investigate AMP AMP 30+ day recorded history = accelerated IR Continuous analysis of that recorded history = automated hunting
- 11© 2016 Cisco and/or its affiliates. All rights reserved. COGNITIVE THREAT ANALYTICS EMAIL WEB FIREWALL MERAKI UMBRELLA THREATGRID Blocking AMP Endpoint AMP
- 12© 2016 Cisco and/or its affiliates. All rights reserved. Today’s IR scenarios
- 13© 2016 Cisco and/or its affiliates. All rights reserved. Want to try it out yourself?
Publicidad