Value of IDS/IPS Visualization in Managed Services

IDS/IPS are a critical element of managing security for most organizations; however, they produce lots of events and alerts, which must be filtered, analyzed, and correlated into security incidents.

The practical use of an innovative GUI leads to better incident management. Managing these incidents also includes tracking them until they are solved, preferably in an integrated, structured and consistent way.

Past incidents can provide a valuable knowledge base to speed up future remedies.

With over 25 years of Information and Communication Technology (ICT) experience covering managed services, outsourcing, security, business continuity, disaster recovery, vendor management, networking, infrastructure management, virtualization, the financial sector and telecom, Jorge Sebastiao brings experience, creativity, structure and innovation to ICT solutions.
Recorded Jan 12 2010 49 mins
Presented by
Jorge Sebastiao, BD Manager Managed Services & Security Guru, ITS
  • State of Cloud Adoption in Asia Pacific (APAC) Sep 13 2017 6:00 am UTC 60 mins
    Shuqi Huang, Research Analyst of CSA and David Siah, Country Manager of TrendMicro Singapore
    With cloud as the enabler of the Internet of Things (IoT) and data analytics, the incorporation of cloud computing is critical for the successful implementation of these leading-edge technologies. Countries and organizations moving towards Industry 4.0 are highly dependent on cloud computing, as it is the basis for this revolutionary transition. However, complications and confusion arising from regulations (or lack thereof) surrounding cloud usage hinder cloud adoption.

    During this webcast, we will discuss some of the findings from the CSA “State of Cloud Adoption in Asia Pacific (APAC) 2017” report and examine the availability and affordability of cloud computing in the APAC region.
  • An Elegant and Practical Model for Security Practitioners Sep 12 2017 2:00 am UTC 45 mins
    Steve Ledzian, FireEye APAC
    "Prepare, Respond, Assess" … "Prevent, Detect, Respond" … Security professionals are awash in a myriad of buzzword triads and theoretical frameworks.

    Let's look at a practical model that has tangible meaning for practitioners, based on the Attack Lifecycle, and encompassing modern security capabilities to drive the outcome of not suffering any business impact resulting from a breach.
  • Wear Camouflage While Hunting Threats Aug 29 2017 6:00 pm UTC 45 mins
    Lance Cottrell, Chief Scientist at Ntrepid
    Threat hunting has become a major trend, but most of it is focused within the perimeter. Important threats and valuable threat intelligence wait to be found outside your firewall in the wilds of the internet. Join this episode of the Threat Hunting series to learn more about:
    - The particular risks of threat hunting in the wild
    - The importance of camouflage and armor
    - Best practices and techniques for employing digital camouflage and armor.

    About the Speaker:
    Lance Cottrell founded Anonymizer in 1995, which was acquired by Ntrepid (then Abraxas) in 2008. Anonymizer’s technologies form the core of Ntrepid’s Internet misattribution and security products. As Chief Scientist, Lance continues to push the envelope with the new technologies and capabilities required to stay ahead of rapidly evolving threats.

    Lance is a well-known expert on security, privacy, anonymity, misattribution and cryptography. He speaks frequently at conferences and in interviews. Lance is the principal author on multiple Internet anonymity and security technology patents. He started developing Internet anonymity tools in 1992 while pursuing a PhD in physics, eventually leaving to work on those technologies full time.
  • A Tactical Guide to Reducing Your Data Breach Risk Aug 29 2017 5:00 pm UTC 75 mins
    Dr. Branden Williams; Farshad Ghazi, HPE; Yo Delmar, MetricStream; Jordan Rogers, Rapid7; and Billy Sokol, MarkLogic
    Over 90% of the world’s data has been generated in the last few years. Accompanying this rapid growth in data come exponential risks, as witnessed by the spike in cyber attacks to which no organization seems immune. The financial rewards gained by the perpetrators of cyber attacks are blatant, and this is driving continued attacks on companies containing massive amounts of consumer data. For these companies, securing data is only half the battle. The risks can be greater when data is transmitted externally, hence it is critical that organizations know where sensitive data is going, how it is being transmitted, and how it is being handled and stored.

    On this webinar our panel of experts will discuss some of the best practices organizations can consider to reduce the risk of suffering from a data breach, and to proactively prepare for any subsequent breach that could happen.
  • Security According to Leafcutter Ants Aug 25 2017 3:00 pm UTC 45 mins
    Mike Chung, Drs. Ing. RE CISSP, Associate Partner at IBM Security
    Humans have been protecting our complex network infrastructures for decades with varying degrees of success, while eusocial insects such as ants are capable of withstanding countless attacks on their networks.

    This presentation is about how ants in general and Leafcutter Ants in particular approach security and how we can learn from these survivors of millions of years of warfare.

    You will learn:
    - How social insects (ants) are dealing with predictive analysis
    - Applying the defense mechanism of ants on threat intelligence
    - How information sharing and communication can lead to better security
    - Data and Identity Management
  • Hunting Criminals with Hybrid Analytics, Semi-supervised Learning, & Feedback Aug 23 2017 5:00 pm UTC 60 mins
    David Talby, CTO, Atigeo
    Fraud detection is a classic adversarial analytics challenge: As soon as an automated system successfully learns to stop one scheme, fraudsters move on to attack another way. Each scheme requires looking for different signals (i.e. features) to catch; is relatively rare (one in millions for finance or e-commerce); and may take months to investigate a single case (in healthcare or tax, for example) – making quality training data scarce.

    This talk will cover a code walk-through and the key lessons learned while building such real-world software systems over the past few years. We'll look for fraud signals in public email datasets, using IPython and popular open-source libraries (scikit-learn, statsmodels, nltk, etc.) for data science and Apache Spark as the compute engine for scalable parallel processing.

    David will iteratively build a machine-learned hybrid model – combining features from different data sources and algorithmic approaches, to catch diverse aspects of suspect behavior:

    - Natural language processing: finding keywords in relevant context within unstructured text
    - Statistical NLP: sentiment analysis via supervised machine learning
    - Time series analysis: understanding daily/weekly cycles and changes in habitual behavior
    - Graph analysis: finding actions outside the usual or expected network of people
    - Heuristic rules: finding suspect actions based on past schemes or external datasets
    - Topic modeling: highlighting use of keywords outside an expected context
    - Anomaly detection: Fully unsupervised ranking of unusual behavior

    Apache Spark is used to run these models at scale – in batch mode for model training and with Spark Streaming for production use. We’ll discuss the data model, computation, and feedback workflows, as well as some tools and libraries built on top of the open-source components to enable faster experimentation, optimization, and productization of the models.
  • Unsupervised learning to uncover advanced cyber attacks Recorded: Aug 22 2017 49 mins
    Rafael San Miguel Carrasco, Senior Specialist, British Telecom EMEA
    This case study is framed in a multinational company with 300k+ employees, present in 100+ countries, that is adding one extra layer of security based on big data analytics capabilities, in order to provide net-new value to their ongoing SOC-related investments.

    Having billions of events being generated on a weekly basis, real-time monitoring must be complemented with deep analysis to hunt targeted and advanced attacks.

    By leveraging a cloud-based Spark cluster, ElasticSearch, R, Scala and PowerBI, a security analytics platform based on anomaly detection is being progressively implemented.

    Anomalies are spotted by applying well-known analytics techniques, from data transformation and mining to clustering, graph analysis, topic modeling, classification and dimensionality reduction.
  • Are You Ready for GDPR? Cybersecurity and Privacy Impacts [Keynote Panel] Recorded: Aug 17 2017 63 mins
    Michelle Dennedy (Cisco), Ariel Silverstone (GoDaddy), Paul Rosenzweig (Red Branch Consulting)
    The General Data Protection Regulation (GDPR), a set of rules governing the privacy and security of personal data that is being implemented by the European Commission, is going into effect in May, 2018.

    This means your company, and every other company in the world, is considering:
    - Does GDPR affect my organization and how
    - What are the cybersecurity and privacy implications of GDPR
    - What happens if I don't comply
    Join this panel of top privacy and security experts as they discuss the state of identity, privacy and cyber security in the context of GDPR.

    Speakers:
    - Michelle Dennedy, VP & Chief Privacy Officer at Cisco
    - Ariel Silverstone, Vice President of Security Strategy, Privacy and Trust at GoDaddy
    - Paul Rosenzweig, Principal at Red Branch Consulting
  • Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR Recorded: Aug 17 2017 60 mins
    Nicola Franchetto of ICT Legal Consulting
    Nicola Franchetto will discuss, in a practical and business-oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.
  • GDPR Privacy Impact and Risk Assessments Recorded: Aug 17 2017 49 mins
    Ariel Evans, CEO, InnoSec
    - InnoSec is the winner of the EU commission Horizon 2020 grant based on its innovation in GDPR and cyber risk -

    GDPR is an urgent issue that has companies scrambling to be compliant by May of 2018. Any organization that processes EU citizen data is in scope and the penalties are severe.

    Alignment with the requirements can reduce the chances of triggering a Data Protection Authority (DPA) to investigate a company’s privacy practices after the GDPR takes effect in May 2018. DPAs can impose a fine on companies of up to 4% of annual global revenues for egregious violations of the GDPR. Member states can also add to these fines. The Netherlands, for instance, has more than doubled its own fining capacity to 10% of annual revenues. European privacy advocates are pressuring DPAs to fully exercise these new powers after May 2018. To manage this risk, multinationals should have a means to demonstrate alignment with the GDPR requirements and communication of this program with DPAs that have jurisdiction over their major European operations.

    InnoSec’s GDPR solution provides privacy impact and risk assessments which measure the confidentiality and integrity of the system and the risk associated with it, meeting articles 1, 2, 5, 32, 35 and 36. Additionally, we provide a readiness gap analysis for managing, planning and budgeting for GDPR.

    Most e-commerce, educational and multi-national organizations process EU citizen data and are in scope for GDPR. Moreover, most organizations are not ready according to Gartner, and this means the race to the finish line requires as much automation as you can afford. InnoSec provides a means for companies to save money and time with their GDPR assessment and gap analysis offering. Our GDPR offering automates the assessment process and provides a gap analysis readiness feature that also ensures that organizations can plan, budget and manage their GDPR program.

    Come to this webinar to see how it is done.
  • BrightTALK's GDPR Benchmark Special: How Prepared are You for May 2018? Recorded: Aug 17 2017 63 mins
    Josh Downs, BrightTALK; Stuart McKenzie, Mandiant; Sian John, Symantec; Nigel Tozer, Commvault & Tim Hickman, White & Case
    9 months until the GDPR deadline - are you completely up-to-speed?

    Our panel of data protection experts will be discussing the compliance considerations that you need to be assessing for May 2018 along with suggesting next steps from a cyber and general security standpoint.

    We'll also be asking YOU at what stage you're at in terms of your preparations via a series of interactive benchmarks as we go through the session to get a sense of where the security community is at in terms of preparations.

    -------------

    GDPR and its May 2018 deadline are now fully on the minds of the vast majority of security professionals, and with massive fines on the horizon for non-compliance, now is a better time than ever to get to grips with the legislation and ensure that your organisation is secure and compliant.

    It’s vital that your business has carried out the relevant preparations for compliance by then to make sure you don’t get whacked with a huge fine of up to £15m or 4% of your organisation’s global annual turnover.

    Not only are there potentially huge financial repercussions, but leaving your business open to attack and your customers at risk can cause serious reputational damage.
  • Using Open Standards to Comply with GDPR Recorded: Aug 17 2017 33 mins
    Tommaso De Orchi, Solution Manager (EMEA), Yubico and Nic Sarginson, Solutions Engineer (EMEA)
    The EU General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organizations across the region approach data privacy. Acknowledging identity threats like phishing and man-in-the-middle attacks, the GDPR applies to all companies processing and holding the personal data of those residing in the European Union, regardless of the company’s location.

    An excerpt from the GDPR describes authentication as ‘key to securing computer systems’ and as the first step ‘in using a remote service or facility, and performing access control’. The document also outlines various GDPR-compliant authentication solutions, such as smart card, OTP push apps, and FIDO Universal 2nd Factor (U2F).

    Yubico’s enterprise solution - the YubiKey - combines support for OpenPGP (an open standard for signing and encryption), FIDO U2F (a protocol that works with an unlimited number of applications), and smart card / PIV (a standard that enables RSA or ECC sign/encrypt operations using a private key stored on the device) all in one multi-protocol authentication device. This makes it a strong and flexible solution for companies required to comply with GDPR. Attend this webcast and learn:

    - How GDPR will impact the way organizations worldwide store and access the personal information of EU citizens
    - How to leverage open standards to achieve GDPR compliance for strong authentication
    - How a multi-protocol authentication device protects organizations from phishing and man-in-the-middle attacks
  • BYOD – Why It’s Good for You and How to Secure It Recorded: Aug 16 2017 60 mins
    Graham Williamson and Andrew Ferguson, KuppingerCole
    Mobile devices have won. Whether it’s a cell phone or tablet they are the device of choice for users wanting to access corporate resources. This webinar will discuss the options for supporting these devices as a business imperative. At one end of the spectrum there’s the “corporate device only” approach, at the other end is a BYOD approach. Either approach is acceptable provided it’s based on a risk assessment and adheres to corporate policy.

    This presentation will address the security issues organizations are facing in supporting access to corporate resources from users with mobile devices. Join us as we discuss the importance of establishing a secure BYOD strategy, the security controls you will need to have in place and the need for strong authentication.

    About the Presenters
    Graham Williamson has 25 years' experience in the Information Technology industry with expertise in identity management and access control, enterprise architecture and services-oriented architecture, electronic commerce and public key infrastructure, ICT strategy development and project management.

    Andrew Ferguson is one of the founders and key shareholders of Internet Commerce Australia (ICA) and a shareholder of KuppingerCole (Asia Pacific). He is a Senior Consultant with KuppingerCole with a 20-year career in Identity and Access Management and a total of 40 years in the IT sector. He has worked for the UK Ministry of Defence (British Army), Somerset Constabulary & the Metropolitan Police Force in London, in Retailing IT with Debenhams & MFI Warehouses, in Transport & Logistics IT & Consulting with PWC, Unilever, P&O Containers and the Port of Melbourne Authority; and Telecommunications & IT Systems Integration with both Telstra & Optus Communications, plus AT&T, EDS and UCSL.
  • The cyber security challenges faced by businesses adopting a BYOD strategy Recorded: Aug 16 2017 46 mins
    Martin Cook, LogRhythm
    This webinar will focus on the cultural shift from tightly controlled business networks of yesterday to the converged fabric adopted by businesses today. BYOD is becoming a normality for most organisations and it doesn't have to be a heavy burden for security teams with the right policies, people and technology in place. We'll dive into some of the options available for these challenges in this webinar and how having the right BYOD strategy can play an integral role in an organisation's preparation for EU GDPR compliance.

    We’ll address:
    - The security options available today to enable an efficient and safe BYOD strategy
    - How implementing a strong BYOD strategy can help compliance
    - How you can reduce the risk of suffering a damaging cyber-breach
  • Hybrid Mobile Apps: From Security Challenges to Secure Development Recorded: Aug 16 2017 35 mins
    Dr. Achim D. Brucker, Security Consultant & Senior Lecturer, University of Sheffield
    Cross-platform frameworks, such as Apache Cordova, Adobe PhoneGap, or SAP Kapsel are becoming increasingly popular. They promote the development of hybrid apps that combine native, i.e., system specific, code and system independent code, e.g., HTML5/JavaScript. Combining native with platform independent code opens Pandora's box: all the security risks for native development are multiplied with the security risk of web applications.

    In this talk, we will give a short introduction to hybrid app development, present specific attacks and discuss how Android developers are using Apache Cordova. In the second half of the talk, we will focus on the secure development of hybrid apps: both with hands-on guidelines for defensive programming as well as recommendations for hybrid app specific security testing strategies.

    Speaker bio:

    Dr. Achim D. Brucker (https://www.brucker.ch) leads the Software Assurance & Security Research Team (https://logicalhacking.com) at the University of Sheffield, UK. Until December 2015, he was a Security Testing Strategist in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of SAP. He is a frequent speaker at security conferences.
  • The Imminent Smart Device Mutiny Recorded: Aug 16 2017 59 mins
    Amar Singh & Chris Payne
    Are we filling our homes with, and carrying around in our pockets, our biggest cybersecurity vulnerabilities? Join us in a lively debate where we will discuss the increase in IoT and smart devices, some of the lesser talked about threats and what steps are being taken to reduce the risk of the imminent smart device mutiny of the future.
  • The Worst Privacy and Security Risks and How To Defend Against Them Recorded: Aug 15 2017 61 mins
    Dr. Christopher Pierson (CSO of Viewpost), Sarah Squire (Founder & Principal Consultant, Engage Identity)
    We live in the age of high-profile breaches and cyber attacks. Every organization is a target, especially in the financial, healthcare and government space. With so much at stake in the event of a breach, what are the biggest cybersecurity risks for organizations? How should we defend against them?

    This live panel will discuss:
    - The relationship between identity, security and privacy
    - The role of data security regulation
    - Why investing in cybersecurity is key
    - The few basic things organizations should be doing today to better secure their customer data
  • The State of Identity in the Age of Breaches & Cyber Attacks Recorded: Aug 15 2017 61 mins
    Mark Weatherford (vArmour), Paul Rosenzweig (Red Branch Consulting), Brett McDowell (FIDO)
    Enterprises, businesses, government agencies, transportation systems, hospitals, and in some cases, even power plants worldwide have been affected by the high-profile cyber attacks of 2017. What is the current state of digital identity, cyber security and privacy in an age of increased cyber attacks? With the EU General Data Protection Regulation (GDPR) going into effect in May 2018, how are global enterprises and businesses preparing for it?

    Join this panel of expert identity and cybersecurity leaders as they discuss the pressing issues concerning identity and security, especially in the context of ransomware attacks, rise in cybercrime and instances of cyber warfare.

    Moderator:
    - Mark Weatherford, Chief Cybersecurity Strategist at vArmour

    Panelists:
    - Paul Rosenzweig, Principal at Red Branch Consulting
    - Brett McDowell, Executive Director of the FIDO Alliance
  • Catch Me If You Can - Red vs. Blue Recorded: Aug 10 2017 58 mins
    Will Schroeder and Jared Atkinson
    Attackers’ love for PowerShell is now no longer a secret, with 2016 producing an explosion in offensive PowerShell toolsets. PowerShell is gaining respect in offensive circles as “Microsoft’s Post-Exploitation Language” and being integrated into many offensive toolkits. Unfortunately, the offensive community often fails to research or share relevant mitigations with their defensive counterparts. This leaves many defenders without the information they need to protect themselves and their networks from these attacks. In a quest to combat the perceived threat, many defenders attempt to disable PowerShell rather than realizing its defensive potential.

    In this webinar, Will Schroeder (@harmj0y) and Jared Atkinson (@jaredcatkinson) will cover offensive and defensive PowerShell tools and techniques, including PowerPick, subversive PowerShell profiles, PowerForensics, and Get-InjectedThread. They will also cover mitigations and detections for popular offensive tools and techniques, demonstrating how to best handle the new offensive reality of widespread offensive PowerShell usage.
  • Orchestrating Effective IT Risk Management Across the Lines of Defense Recorded: Aug 8 2017 65 mins
    Kelley Vick, IT GRC Forum; Cameron Jackson, Riskonnect; Weston Nelson, Moss Adams Advisory Services
    Today’s IT risk environment is more threatened than ever thanks to the growth in sophisticated cyber attacks and security vulnerabilities. Now, complex, hard-to-detect attacks could bring down not just a single institution but also large parts of the internet and the financial markets. Organizations need an intelligent approach when it comes to assessing IT risk and managing compliance.

    Staying safe is no longer just about deflecting attackers. It’s about staying ahead of attackers who are already inside the organization, and banks are doing this through structured lines of defense that enhance security capabilities, involve IT risk managers in operations, and expand internal audit’s mandate so they can cover business disruption. On this webinar presentation we will address some ways in which organizations can, as part of an Integrated Risk Management initiative, orchestrate effective IT risk management across the lines of defense.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

  • Title: Value of IDS/IPS Visualization in Managed Services
  • Live at: Jan 12 2010 1:00 pm
  • Presented by: Jorge Sebastiao, BD Manager Managed Services & Security Guru, ITS