Threats have gone stealthy, hiding behind normal enterprise activity and under mountains of log data. Join McAfee and Gartner’s SIEM veteran and research Vice President Anton Chuvakin as he uncovers details on using SIEM to unmask, understand and respond to threats.
Learn industry experts' insights on proven approaches to get real-time visibility into enterprise risks and minimize the impact of a security breach.
Webinar topics:
• SIEM detection methods to reveal hidden threats.
• Prioritize alerts by leveraging contextual information.
• Reduce the impact of detected incidents.
The ever increasing sophistication of attacks requires smarter security monitoring. Low and slow attacks, APTs and the ability to get infected by an employee simply clicking on a link demand a more accurate means to identify security issues. This webinar will address how to evolve security monitoring to gain the insight that is required. The key to accurate insight is the ability to associate threat, asset, user, data and other risk factors to pinpoint attacks. Topics to be covered include:
The "old" SIEM model of event monitoring and why it needs to evolve
Methods for easily gathering contextual data for SIEM
How contextual data improves the security monitoring process
McAfee experts will take attendees through the rich capabilities and scalable architecture of McAfee ESM, and Securonix experts will explore the advantages of integrated identity risk intelligence, including real-world success stories and an in-depth demonstration. Learn how to increase attack detection accuracy, combat advanced persistent threats, and effectively manage risk and identify suspicious insider behavior in real time.
SIEMs have been around for years and many companies are wondering if they actually got a return on their investment. Meanwhile, multiple vendors are claiming that their latest tool can do everything that a SIEM can and more! Can the SIEM survive?
We believe that the SIEM is not dead. SIEM is evolving. It must be remembered, though, that a SIEM is a living, breathing creature that must be cared for, fed and interacted with in order to thrive. SIEMs have gotten more robust and can be used to interact with other security programs in ways that they couldn’t a few years ago. Companies need to utilize the SIEM as their central pane of glass to see the threats to their environment and use integration with other tools to help ensure the security of their electronic data.
The promise of SIEM is clearly an essential one – aggregate, correlate & analyze all of the security-relevant information in your environment so that you can:
Measure your information security program
However, going from installation to insight with a SIEM can be a challenge. Tune in for this webcast to learn 6 practical steps every IT admin should take before embarking on a SIEM deployment.
Before tackling a SIEM project to improve detection and response, learn from these case studies as their scenario likely matches yours. To firebreak your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.
Learn from your peers about the following:
- Before environment and issues
- Transition effort, cost and impact
- After environment and benefits
- Best practices for managed SIEM
- Your network and next steps
Quickly hear how to plan your SIEM Roadmap. For more information, watch the 30 minute webinar.
Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown, and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field; learn your options.
Attendees will learn:
- SIEM architecture changes for visibility
- Increasing complexity of data analytics to explore
- SIEM taxonomy and trade-offs between generations
- Analyst recommendations & best practices
- Why resources are key to SIEM success
Today’s cyber threat landscape demands a fresh look at security intelligence. Whether you have a first generation SIEM (e.g., ArcSight, enVision, Q1 Labs, etc.) in place today and are concerned about blind spots or are overwhelmed by its complexity, or you’re considering deploying a SIEM for the first time, this panel discussion will give you practical insights from SIEM veterans that will help you refine your security intelligence strategy.
Watch a moderated panel discussion featuring security experts who will discuss:
- Cyber security dynamics fueling the need for improved Security Intelligence
- Visibility and functional gaps to be aware of in first generation SIEMs
- Selecting a SIEM: Key considerations and requirements
- Migration considerations when moving to a new SIEM
- Assessing the staffing requirements for a new SIEM deployment
Justin Everett: Security Analyst, Williams Companies
Dave Wiseman: Director of Information Security, Saint Luke's Health System
VP and Chief Information Security Officer, Fortune 500 Healthcare Services Company
The secret to catching intruders with your SIEM is to feed it as much information as possible. The infosec world has been doing a better and better job by scaling SIEM technology up and integrating nearly every raw audit log from network devices, operating systems and even applications. But these logs are more raw data than refined information. It's time to make sure you are also feeding your SIEM the high-value sources of security information from all the other security technologies and products on your network. You want your SIEM to have deep and wide visibility: visibility at every level of your technology stack and across your entire network.
When you look at the event log spectrum ranging from raw log data to high level/value security information - nothing is higher level, more refined and actionable than security technologies such as your:
- Next generation firewall
The list goes on. In this webinar learn the different opportunities to feed your SIEM extra nutritious event feeds from all the different security technologies on your network. Also, look at real world scenarios and explore how to correlate high level security information like this with the low level stuff coming from more traditional logs.
Chartered with securing both the PII of over 250,000 physicians and a vast amount of highly valued intellectual property amidst a rapidly evolving threat landscape, Paul Lynch, Director of Data Security and Networks at the American Board of Internal Medicine (ABIM), recognized the need to move beyond a traditional SIEM, and employ a more holistic approach to Security Intelligence.
In this CISO Executive Network webinar, Mr. Lynch will share with you the path he took to go from defining ABIM’s core security intelligence requirements to making his ultimate selection. The path included establishing a detailed score card for evaluating various SIEM solutions, moving from eight vendors to a short list of four, then testing and ultimately selecting a unified platform for ABIM.
Whether you have an existing SIEM platform and are overwhelmed by its complexity, its inadequate visibility into today’s advanced threats or the manpower required to manage it, or you’re considering deploying SIEM for the first time, you’ll benefit greatly by joining us for this webinar.
Key themes to be covered include:
• SIEM for Security vs. IT Operations – understanding and prioritizing your options
• Establishing a score card to evaluate vendors and solutions
• How to leverage market research and outside perspectives to inform your decision
• Considering total cost of ownership (price, deployment, implementation, usability, management)
Briefly hear about SIEM Detection and Response Cases. For more information, watch the 30 minute webinar.
In an ideal world, Security Information and Event Management (SIEM) acts as a central repository for security events, ingesting logs from disparate systems, identifying and correlating information, and utilizing threat intelligence against the resulting data set to identify problems.
But those capabilities come at a setup cost. The promise is there, but SIEM implementation projects can elicit a groan from security managers at the same time.
Join Daniel Kennedy, Research Director for 451 Research Voice of the Enterprise: Information Security, for a 45-minute webinar and Q&A summarizing key findings from more than 900 customer responses gathered during 451 Research's Q3 Voice of the Enterprise: Information Security survey.
This Webinar will reveal:
• The top concerns of information security managers
• Where budgets are heading
• The characteristics and inhibitors of Security Information and Event Management (SIEM) in the enterprise, and
• How customers position vendors in the competitive landscape as shown by 451 Research's proprietary Vendor Window.
Come armed with your own questions - there will be time for Q&A at the end of the session.
Deploying and managing security information and event management systems can tax the brain and budget. However, if done right, these solutions can be a huge benefit to the overall security stance of an organization, providing insight into what's happening on the entire network and enabling security teams to focus on the most pressing priorities to make sure their organizations' infrastructures are safe and sound from attacks. We explore the many challenges organizations face when deploying SIEM and offer remedies that can optimize their use.
In the next 3 minutes, you will learn how to weigh the cost of SIEM (Security Event and Information Management) solutions versus the risks associated with mis-reading security alerts.
For more in-depth information, check out "The Cost of SIEM".
If you are attacked or lose data today, traces of it can generally be found in your log sources. In this webcast you will learn how to read those traces and how to use the latest analysis technologies to avert damage in advance.
In this webinar you will learn which technologies you can use to protect your company specifically against attacks from outside and inside and to guard it against damage:
In detail, it covers:
• Log management: collecting and preparing log information from a wide variety of sources.
• Security Incident and Event Management (SIEM): filtering and correlating information in order to detect attacks and anomalies.
• Threat intelligence: what is happening at your organization, what is happening at others, and how you can help each other.
• Analytics: how new technologies can be used to proactively avoid damage.
Security breach and incident headlines each week make the case for detective defenses very clear. Not looking at alerts, logs and events, or worse yet ignoring them, is costly. However, understanding the costs of a security solution like Security Event and Information Management (SIEM) remains fundamental for project success. Limited resources and time will restrict your reach with detective defenses like SIEM that are known for high costs, complexity and resource allocation.
The cost of cyber crime continues to increase, and the ability to detect infections, open exploitable vulnerabilities and security risks can reduce the costs of incidents or a data breach. "There is no such thing as a secure network" is a perspective we face each day, and detection defenses are a requirement. Attend to learn the following about the costs of detective defenses including SIEM:
- What are the cost trends for security incidents & breaches?
- What are the largest costs for detective defenses?
- What response activity consumes the most resources?
- What can reduce the cost of detection and containment?
- How to build a case for detective defenses on your network.
Holding off on getting a SIEM, or frustrated with the one you’ve got?
Security information and event management (SIEM) solutions have been deployed for over a decade but the vision offered by vendors and analysts is rarely realized by customers. Roughly one-third of new SIEM sales today are replacements for “failed” SIEM deployments. Listen in as our experts highlight the major challenges to selecting, deploying and more importantly, operating a SIEM. Then the conversation will shift to focus on six strategies to augment your resources using Trustwave managed services so that you can realize the full vision of a SIEM solution.
Join this informative webinar where you will learn how to:
• Fund, deploy and operate a SIEM that sets you up for success
• Optimize automatic log collection and threat correlation
• Efficiently identify, stop, and resolve breaches.
Both insider and external threats will attempt to exploit highly privileged administrative accounts to perform unauthorized tasks that could lead to data theft or sabotage. In this session we will demonstrate how a SIEM can enable organizations to adopt best practices for managing privileged user activity such as:
Separation of Duties
Audit Privileged Sessions
Forbid All Access Accounts
Real Time Response to Suspicious Privilege Escalation