
The Case for Managed Detection & Response (MDR) esentire_SecTo… · » Background as a software...

Date post: 23-Aug-2020
WE DETECT THE CYBER THREATS THAT OTHER TECHNOLOGIES MISS Why Technology is Not the Answer The Case for Managed Detection & Response (MDR) Date October 2016 Presenter Sean Blenkhorn Sr. Director, Solutions Engineering & Advisory Services eSentire Inc.
Transcript
Page 1: The Case for Managed Detection & Response (MDR) esentire_SecTo… · » Background as a software developer » Focused in Security the last 10+ years » Consultant to Fortune 50, 100,

WE DETECT THE CYBER THREATS THAT OTHER TECHNOLOGIES MISS

Why Technology is Not the Answer

The Case for Managed Detection & Response (MDR)

Date: October 2016

Presenter: Sean Blenkhorn, Sr. Director, Solutions Engineering & Advisory Services, eSentire Inc.

Page 2:

Who am I?

» 20 years in Information Technology & Security
» Background as a software developer
» Focused in Security the last 10+ years
» Consultant to Fortune 50, 100, and 500 firms around global deployments and management in key technologies
» Data Loss Prevention, SIEM, Encryption, Network Access Control and more…
» Speaker at various conferences on security and compliance

© 2016 eSentire, Inc.

SLIDE 2


Page 4:

CAMBRIDGE | NEW YORK | BOSTON | LONDON | CORK

Proven Cybersecurity for Mid-sized Enterprise

300 EMPLOYEES

2001 FOUNDED

600+ CUSTOMERS

90% YOY GROWTH

98% RETENTION

$3.0T ASSETS PROTECTED

MANAGED DETECTION & RESPONSE

Page 5:

CYBERCRIME IS BIG BUSINESS

$100 BILLION SPENT

$1.2 TRILLION STOLEN

Page 6:

MEANS ⌾ MOTIVE ⌾ OPPORTUNITY

EASY ACCESS TO CYBER WEAPONRY

ACCESS

MINIMAL CYBER SKILLS REQUIRED

EASY

MOTIVATION IS HIGH

LUCRATIVE

NO NEGATIVE REPERCUSSIONS

IMPUNITY

Page 7:

SOPHISTICATED CYBER ATTACKS

SOCIAL ENGINEERING

BUSINESS EMAIL COMPROMISE

TARGETED ATTACKS

RANSOMWARE

PHISHING CAMPAIGNS

SYSTEMIC VULNERABILITIES EXPLOITATIONS

WATERING HOLES


Page 12:

Why Won’t Technology Work?

Copyright 2015 eSentire, Inc.

GOOD BAD

Page 13:

Detection and Prevention Technology

• Real-time detection and prevention of known attacks
• Signal suspicious network behavior to detect unknown attacks

24X7 Human Monitoring and Hunting

• Real-time forensics via 24X7 Global SOC
• Add insights to raw signals
• Quickly determine if weird normal or weird bad

Intervention & Response

• Contain Threat
• Escalate to customer
• Remediate

Page 14:

Keys to Succeed

» TECHNOLOGY + PEOPLE + PROCESS
» The right technology generating the right signals
» People = Gray Matter Analytics
» Provide access to the right raw data for decision-making (forensics)
» Integration – ensure tools work together as seamlessly as possible
» Defined, repeatable process ensuring we can go from signal generation, to signal enhancement to response in very short amount of time -> Velocity
» Back to basics
» Network segregation, access controls, etc. (SANS Top 20)

Page 15:

RANSOMWARE

FINANCIAL FIRM

7:43AM - AMP BLOCKS 1st 87.exe DOWNLOADED FROM 10th IP

7:44AM - TESLACRYPT BEACONS TO CNC SERVER

7:54AM - SOC ALERTS ON INFECTION AND BLOCKS TRAFFIC

8:30AM - INFECTED HOST ISOLATED/MITIGATED

Page 16:

THANK YOU

QUESTIONS | NEXT STEPS

+1 866.579.2200 | www.esentire.com | Follow us @esentire

