First step to visibility: Get reliable data access for tools

Logo
Presented by

Ollie Sheridan, Principal Security Solutions Engineer, CISSP

About this talk

Whilst many users will focus their efforts on the Tools and their SIEM tools, the acquisition of this traffic is often neglected. Today’s Security Operations Centre (SOC) depends heavily on the ability to collect, correlate and analyse network events to quickly identify and respond to security threats – but getting access to the right traffic data from across the network, and without overloading the system, can be a challenge. Most Security Operations organizations have a broad understanding of what applications are running on their network. However, many have no visibility into which specific applications are consuming resources. While Security budgets are stretched thin, organizations have to struggle to support increased demand. Inefficiencies often result in all traffic being analysed by all network security tools, whether it is relevant or not. Application Intelligence provides specific information about all the applications streaming through a network. In a security context, this is especially useful because security appliances are looking for the “needle in the haystack”; that is, to identify the one single sequence of threat packets or flows from the entire mass of network flows. Join us to understand how you can better utilise your network and security tools to protect your network infrastructure and ensure your end-users receive the best service.
Related topics:

More from this channel

Upcoming talks (8)
On-demand talks (146)
Subscribers (4965)
Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures.