Improving Security with Metadata

Logo
Presented by

Preetham Gopalaswamy, Senior Director, Product Management, Gigamon

About this talk

Imagine what a security analyst could deduce if they had visibility into all the common applications flowing through their network. They could optimize the data being sent to security tools, correlate information across the various protocols to know who is talking to whom and get visibility into malware and bad actors that may be hiding on the network. Many enterprises aggregate information from various sources, such as events and logs from DNS servers, web servers and security tools, to hunt for threat events and indicators of compromise. But these are not reliable sources; logging can be turned off inadvertently or for performance reasons. Raw network data is the ultimate source of truth – but sending it all to a SIEM can become very expensive. The bottom line is visibility into your application traffic is elemental to security – if you can’t see it, you can’t secure it. What’s needed is deep insight into your applications. Attend this ISC2 webinar to learn how NetOps and SecOps can: •Identify which applications are contributing to network traffic. •Use application metadata to gain more context of potential threat events and to more easily enforce corporate compliance. •Lower tool cost and improve tool efficiency by filtering out low-risk, high-bandwidth traffic. •Send suspicious traffic to a tool on-demand when an anomaly is detected. If you need to monitor, identify, and filter application traffic so you can more easily identify anomalies and lateral propagation of threats, you’ll want to attend this webinar!
Related topics:

More from this channel

Upcoming talks (8)
On-demand talks (146)
Subscribers (4965)
Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures.