PREVENT MAJOR DATA BREACHES WITH THREAT LIFECYCLE MANAGEMENT
Seth Goldhammer, Senior Director of Product Management at LogRhythm



AGENDA
1. Highlight the Current Threat Pandemic
2. Evaluate Market Approach and Offerings
3. KPIs: Mean Time to Detect and Respond
4. Cyber Attack Lifecycle
5. End to End Threat Lifecycle Management
6. Solution Requirements

THE MODERN CYBER THREAT PANDEMIC
- 321 breaches in 2006
- 953 breaches in 2010
- 3,930 breaches in 2015
- 736 million records were exposed in 2015, compared to 96 million records in 2010
- The security industry is facing serious talent and technology shortages

NO END IN SIGHT
- Motivated Threat Actors
- Expanding Attack Surface
- Cybercrime Supply Chain

A NEW SECURITY APPROACH IS REQUIRED
Prevention-centric approaches can stop common threats.
However, advanced threats:
- Require a broader view to recognize
- Only emerge over time
- Get lost in the noise
Big Data analytics can best detect these threats:
- Big Data analytics to identify advanced threats
- Qualified and prioritized detection, reducing noise
- Incident response workflow orchestration and automation
- Capabilities to prevent high-impact breaches & damaging cyber incidents

STRATEGIC SHIFT TO DETECTION AND RESPONSE IS OCCURRING
[Figure: IT budgets in 2013, 2015 and 2020, each split between Prevention and Detection & Response]
"By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from 20% in 2015." Gartner, 2016
Sources: Gartner, Shift Cybersecurity Investment to Detection and Response, January 2016; Gartner, Forecast: Information Security, Worldwide, 2014-2020, 1Q16 Update, April 2016
Note: Excludes security services from estimated overall market spend for enterprise information security

FASTER DETECTION & RESPONSE REDUCES RISK
[Figure: MTTD & MTTR (Years, Months, Weeks, Days, Hours, Minutes) against RISK & IMPACT OF BREACH (from Devastating to Avoided)]
- 2,982 days was the longest time to detection observed. (Mandiant M-Trends 2015)
- 205: median number of days that threat groups were present on a victim's network before detection. (Mandiant M-Trends 2015)
- In 60% of cases, attackers are able to compromise an organization within minutes. (2015 Verizon Data Breach Report)

THE CYBER ATTACK LIFECYCLE
Modern threats take their time and leverage the holistic attack surface
1. Recon. & Planning
2. Initial Compromise
3. Command & Control
4. Lateral Movement
5. Target Attainment
6. Exfiltration, Corruption, Disruption

END-TO-END THREAT LIFECYCLE MANAGEMENT WORKFLOW
[Timeline: TIME TO DETECT, TIME TO RESPOND]
1. Forensic Data Collection: Security event data; Log & machine data; Forensic sensor data
2. Discover: Search analytics; Machine analytics
3. Qualify: Assess threat; Determine risk; Is full investigation necessary?
4. Investigate: Analyze threat; Determine nature and extent of incident
5. Neutralize: Implement countermeasures; Mitigate threat & associated risk
6. Recover: Clean up; Report; Review; Adapt

PREPARING LOG DATA FOR ANALYSIS
Log sources: Wireless Access Management, Web Server, Virtualization, VPN, Switch, Storage, Router, Remote Access, Point of Sale, IAM, Firewall, File Integrity Monitor, Email Security, Database
Sensors: Network Monitor Sensors, Endpoint Monitor Sensors
Processing applied to the collected data:
- Uniform Data Classification
- Uniform Data Structure
- Time Normalization
- User Persona
- Host Persona
- Geolocation
- Flow Direction
- more
Benefits:
- Serves as IT environment abstraction layer
- Enables generic scenario representation
- Allows for high-efficacy packaged analytics modules
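The processing steps listed above (uniform structure and classification, time normalization, user persona, flow direction), shown as an added example that is not from the presentation or from any LogRhythm product. The three log formats, the field names, the internal address range and the web server address are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from datetime import datetime, timezone

INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed internal address space
WEB_SERVER_IP = "10.1.4.20"                           # assumed address of the web server

FIREWALL = re.compile(r"(?P<ts>\S+) \S+ action=(?P<action>\w+) src=(?P<src>\S+) dst=(?P<dst>\S+)")
WEB = re.compile(r'(?P<src>\S+) - (?P<user>\S+) \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3})')
VPN = re.compile(r"epoch=(?P<ts>\d+) event=(?P<event>\w+) user=(?P<user>\S+) "
                 r"client=(?P<src>\S+) gw=(?P<dst>\S+)")

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def flow_direction(src, dst):
    """Flow direction relative to the internal address space."""
    s, d = is_internal(src), is_internal(dst)
    if s and d:
        return "internal"
    if s:
        return "outbound"
    return "inbound" if d else "external"

def user_persona(raw):
    """Collapse domain-prefixed, user@domain and mixed-case names into one identity."""
    if not raw or raw == "-":
        return None
    return raw.split("\\")[-1].split("@")[0].lower()

def record(ts, source, classification, user, src, dst):
    """Uniform structure shared by every source; time is always UTC."""
    return {"time_utc": ts.astimezone(timezone.utc).isoformat(),
            "source": source, "classification": classification,
            "user": user_persona(user), "src_ip": src, "dst_ip": dst,
            "direction": flow_direction(src, dst)}

def normalize(line):
    """Map one raw line to the uniform record, or None if no parser matches."""
    if m := FIREWALL.match(line):
        ts = datetime.fromisoformat(m["ts"])  # local time with a UTC offset
        cls = "network_allow" if m["action"] == "permit" else "network_deny"
        return record(ts, "firewall", cls, None, m["src"], m["dst"])
    if m := WEB.match(line):
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        status = m["status"]
        if status in ("401", "403"):
            cls = "access_denied"
        else:
            cls = "access_success" if status[0] in "23" else "access_error"
        return record(ts, "web_server", cls, m["user"], m["src"], WEB_SERVER_IP)
    if m := VPN.match(line):
        ts = datetime.fromtimestamp(int(m["ts"]), tz=timezone.utc)  # epoch seconds
        cls = "auth_success" if m["event"] == "login_ok" else "auth_failure"
        return record(ts, "vpn", cls, m["user"], m["src"], m["dst"])
    return None

def normalize_all(lines):
    """Return (records ordered on the common clock, lines no parser understood)."""
    records, unparsed = [], []
    for line in lines:
        rec = normalize(line)
        if rec is None:
            unparsed.append(line)  # keep these visible: they are collection blind spots
        else:
            records.append(rec)
    return sorted(records, key=lambda r: r["time_utc"]), unparsed

# Constructed sample lines in three made-up formats (not real product output).
SAMPLE = [
    r"epoch=1488384975 event=login_ok user=jsmith@example.com client=198.51.100.23 gw=10.1.0.1",
    r'10.1.9.33 - CORP\JSmith [01/Mar/2017:16:15:40 +0000] "GET /admin HTTP/1.1" 403',
    r"2017-03-01T09:15:02-07:00 fw01 action=deny src=203.0.113.7 dst=10.1.4.20",
    r"kernel: eth0 link up",
]

if __name__ == "__main__":
    ordered, unparsed = normalize_all(SAMPLE)
    for rec in ordered:
        print(rec)
    print("unparsed:", unparsed)
```

Once the three sources share one clock and one identity, the firewall deny, the denied web request and the VPN login line up as a single 73-second sequence that involves the same user and the same target host.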

KEY CHALLENGES IN BEHAVIORAL ANALYSIS
[Figure: dimensions of behavior arranged around "Normal"]
- Network: Connection, Direction, Content, Volume
- User: Identity, Access, Privilege
- Endpoint: Process, Access, File Activity, Resources
- Application: Access, Transactions, Error, Behavior
- Internal Context: Business Value, Asset Classification, Risk Rating, Vulnerability
- External Context: Threat Intelligence, IP Reputation, GeoLocation
Behavior is not recognized by a single dimension, but the intersection of multiple dimensions each with multiple attributes.
Manual discovery of what's normal is impractical due to the sheer volume of data across multiple types of dimensions:
- An unmanageable volume of false positives based on benign anomalies
- Significant blind spots / false negatives
Need an automated technology to learn behavioral attributes across multiple dimensions.

WHAT IS MACHINE LEARNING?
Machine learning is a subfield of computer science that evolved from the study of pattern recognition and computational learning theory in artificial intelligence. Machine learning explores the study and construction of algorithms that can learn from and make predictions on data. Such algorithms operate by building a model from example inputs in order to make data-driven predictions or decisions, rather than following strictly static program instructions.
A core component of learning is the ability to draw generalized conclusions from specific examples.
[Illustration: specific examples = fruit]
- Supervised: Matching inputs and outputs are presented to the algorithm to tune its memory
- Unsupervised: Algorithm is left to its own devices to tune its memory

THE CHALLENGE
The security analytics use case presents some unique challenges when applying machine learning:
- Differentiation of anomaly detection vs. security threat detection
- Injection of domain knowledge required
- Cost of errors
  - False positives: expensive for security analytics
  - False negatives: failure of security analytics
- Translation of algorithm output into actionable information
- Scale and heterogeneity of data
- Lack of training data makes supervised learning difficult at best

FUSION OF ANALYTICS METHODS
[Figure: Behavioral Anomaly Detection and Scenario-Based Analytics]
Behavioral Analytics
- Machine learning techniques detecting anomalous activity unseen by pattern/scenario-based detection methods
- Baselining across months with near-real-time anomaly recognition
- Provides high-fidelity data to scenario-based analytics identifying and qualifying the highest priority threats
- Facilitates machine-assisted hunting
Enterprise Threat Qualification
- Multi-dimensional scenario-based analytics
- Baselining across weeks with real-time recognition
- Machine learning via statistical and behavioral baselining
- Corroboration of anomalous behavior into a qualified threat alert, adding risk and threat context
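One way to combine the two layers described above, as an added example that is not from the presentation or from any LogRhythm product: a per-user statistical baseline flags anomalous dimensions, and a scenario step corroborates them with internal context (asset risk) and external context (IP reputation) before raising a qualified alert. The baseline data, events, weights and thresholds are constructed assumptions.

```python
from statistics import mean, stdev

# Constructed per-user history (one value per day) standing in for a learned baseline.
BASELINE = {
    "jsmith":     {"bytes_out_mb": [40, 55, 48, 52, 45, 50, 47],
                   "distinct_hosts": [3, 4, 3, 5, 4, 3, 4]},
    "backup_svc": {"bytes_out_mb": [900, 950, 1020, 980, 1000, 940, 990],
                   "distinct_hosts": [12, 12, 13, 12, 12, 13, 12]},
}
ASSET_RISK = {"10.1.4.20": 90, "10.1.9.33": 20}  # internal context: 0-100 rating per host
BAD_REPUTATION = {"203.0.113.7"}                 # external context: threat-intel hits
Z_THRESHOLD = 3.0   # how far above the user's own baseline counts as anomalous
QUALIFY_AT = 70     # risk score needed to raise a qualified alert

def zscore(history, value):
    sd = stdev(history)
    if sd == 0:  # flat baseline: any change is a deviation
        return 0.0 if value == history[0] else float("inf")
    return (value - mean(history)) / sd

def anomalous_dimensions(user, metrics):
    """Behavioral layer: dimensions where today exceeds the user's own baseline."""
    base = BASELINE.get(user)
    if base is None:
        return []  # no baseline yet, so nothing can be called anomalous
    found = []
    for dim, value in metrics.items():
        if dim in base and zscore(base[dim], value) >= Z_THRESHOLD:
            found.append(dim)
    return sorted(found)

def qualify(event):
    """Scenario layer: corroborate the anomaly with internal and external context."""
    dims = anomalous_dimensions(event["user"], event["metrics"])
    if not dims:
        return None
    intel_hit = event["dst_ip"] in BAD_REPUTATION
    asset = ASSET_RISK.get(event["src_host"], 0)
    score = min(50, 25 * len(dims)) + asset * 3 // 10 + (30 if intel_hit else 0)
    return {
        "user": event["user"],
        "anomalies": dims,
        "intel_hit": intel_hit,
        "asset_risk": asset,
        "risk_score": score,
        "priority": "qualified" if score >= QUALIFY_AT else "observation",
    }

# Constructed events for one day.
EVENTS = [
    {"user": "jsmith", "src_host": "10.1.4.20", "dst_ip": "203.0.113.7",
     "metrics": {"bytes_out_mb": 400, "distinct_hosts": 4}},
    {"user": "backup_svc", "src_host": "10.1.9.33", "dst_ip": "10.1.4.20",
     "metrics": {"bytes_out_mb": 1400, "distinct_hosts": 12}},
    {"user": "backup_svc", "src_host": "10.1.9.33", "dst_ip": "10.1.4.20",
     "metrics": {"bytes_out_mb": 960, "distinct_hosts": 12}},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev["user"], qualify(ev))
```

The second event is a benign anomaly: the volume is unusual for the backup account, but with a low-risk source and no threat-intelligence hit it stays an observation instead of adding to alarm volume.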

EXPEDITING RESPONSE
Goal: Expedite forensic analysis by creating a work area that allows users to analyze multiple datasets related to a common ongoing investigation
- Incident Detection: Begins with an alarm, event, or log
- Case Creation: Cases must be created instantly from any view. Access should be explicit and communication controlled.
- Incident Response: Cases should always be accessible, enabling information from alarms, log or audit data, files, PCAPs, etc., to be quickly added and annotated.
- Collaboration + Automation: Pre-identify escalation paths by incident type, employ smart eyeballs, automate mundane tasks, add quick approval processes for countermeasures.
- Incident Resolution: Detailed history of the case, including relevant evidence and workflows for long-term IR management.

THIS APPROACH IS NOT EFFECTIVE
- Log Management
- SIEM
- Endpoint Monitoring & Forensics
- Security Analytics
- Security Automation & Orchestration
- Network Behavioral Analytics

OBSTACLES TO FASTER DETECTION & RESPONSE
- Alarm Fatigue
- Swivel Chair Analysis
- Forensic Data Silos
- Fragmented Workflow
- Lack of Automation

SOLUTION REQUIREMENTS
[Timeline: TIME TO DETECT, TIME TO RESPOND; stages: Forensic Data Collection, Discover, Qualify, Investigate, Neutralize, Recover]
- Unified Platform Supporting End-to-End Workflow
- Holistic Visibility
- Search and Machine-Based Analytics Enabled by Data Processing
- Scenario and Machine Learning Analytics
- Embedded Security Automation and Orchestration


THIS TRAINING CONTENT ("CONTENT") IS PROVIDED TO YOU WITHOUT WARRANTY, "AS IS" AND WITH ALL FAULTS. ISACA MAKES NO REPRESENTATIONS OR WARRANTIES EXPRESS OR IMPLIED, INCLUDING THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR PERFORMANCE, AND NON-INFRINGEMENT, ALL OF WHICH ARE HEREBY EXPRESSLY DISCLAIMED. YOU ASSUME THE ENTIRE RISK FOR USE OF THE CONTENT AND ACKNOWLEDGE THAT: ISACA HAS DESIGNED THE CONTENT PRIMARILY AS AN EDUCATIONAL RESOURCE FOR IT PROFESSIONALS AND THEREFORE THE CONTENT SHOULD NOT BE DEEMED EITHER TO SET FORTH ALL APPROPRIATE PROCEDURES, TESTS, OR CONTROLS OR TO SUGGEST THAT OTHER PROCEDURES, TESTS, OR CONTROLS THAT ARE NOT INCLUDED MAY NOT BE APPROPRIATE; ISACA DOES NOT CLAIM THAT USE OF THE CONTENT WILL ASSURE A SUCCESSFUL OUTCOME AND YOU ARE RESPONSIBLE FOR APPLYING PROFESSIONAL JUDGMENT TO THE SPECIFIC CIRCUMSTANCES PRESENTED TO DETERMINING THE APPROPRIATE PROCEDURES, TESTS, OR CONTROLS.
Copyright 2017 by the Information Systems Audit and Control Association, Inc. (ISACA). All rights reserved. This webinar may not be used, copied, reproduced, modified, distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic, mechanical, photocopying, recording or otherwise).
