Rapid Product Security Incident Response Using a Workflow Based Solution. Diane Mickelson, Rod Henderson,

Similar documents
IBM Verse AppDev and Extensibility. Andrew Davis, STSM, IBM, Chief Architect IBM Verse Yun Zhi Lin, Senior Software Engineer, IBM

InterConnect Dynamic Programming with Maximo - Scripting and Formulas. Anamitra Bhattacharyya. Steve Hauptmann 1 1/17/17

Smarter, Self Service Analytics Augmented Intelligence at your Fingertips. Leah Hostetler, CPA, CA Offering Manager, Cognos Analytics

At a Auto Retailer, IBM Db2 Warehouse on Cloud and Cognos Analytics creates great Business Insights. Rikke Jacobsen René Kent Nielsen EG A/S

Predictive Analytics In Practice

A Next-Gen, Low-Code Intelligent Virtual Assistant, Context- Aware and Tied to Legacy and Cognitive

The IBM DataFirst Method Fueling your data-driven transformation

Mohegan Sun Enables a World at Play with Cognos Analytics

IBM Connections Files - The New Way to Work, Sync and Share. Steve Foley René Schimmer February 2nd, 2016

Prescriptive Analytics & CPLEX Decision Optimization and TM1 Dashboard: Combined Planning Power at JLG Industries

Super Session: Enterprise Social Solutions App Dev Strategy

HAM-1032 Combining the Power of IBM API Management and IBM Integration Bus. Ulas Cubuk IBM UK Lab Services Carsten Börnert IBM UK Lab Services

InterConnect Think Big: Scale Your Business Rules Solutions Up to the World of Big Data. Decision Camp 2017

CICS Cloud + CICS DevOps = Agility2

Kevin Eagan Chief Digital Experience Officer & GM Digital Platforms

Auditable Financial System for Government Contracting at Accenture Federal Services

Keynote. Miroslav Dolaptchiev /

Microservices, Websphere Liberty and Kubernetes - a fully buzzword-compliant devops pipeline. InterConnect Mark Nuttall

Lab Zero: Create a Cloud Native Application in Less than 5 Minutes with zero Install

Amsterdam. Accelerate digital transformation with the cloud for smarter business. Reimagining applications & data for growth and innovation

79 Accelerate your Journey: How to create an Analytics Center of Excellence. Chris Mundy, Alex Lee Corporation Katie McCray, IBM

CONNECTIONS PINK. the future of sharing and collaboration. Petr Kunc IBM Collaboration Solutions November 2017

Training Watson: How I/O Psychology, Data Science, and Engineering integrate to produce responsible AI in HR.

InterConnect IBM Watson Health and IBM Integration: Transforming the Healthcare and Life Sciences Industries

Stephen Mitchell Lead Data Scientist Watson Talent John Medicke Distinguished Engineer. Think 2018 / HRT-9019 / March 19, 2018 / 2018 IBM Corporation

Hybrid Integration Underpins Digital Transformation

InterConnect Best Practices for Migrating Business Processes to the Cloud. Bill Lawton, Program Director BPM on Cloud. Session 7333A 1 3/23/17

IBM Collaboration Solutions Application Development. Frequently Asked Questions. Niklas Heidloff, IBM

IMS Request for Enhancements (RFE) for Customer Requirements

IBM Domino Applications in Bluemix. Martin Donnelly - IBM Ireland

IBM Kenexa BrassRing on Cloud. IBM Kenexa BrassRing on Cloud Release Notes. July 2016 IBM

IBM Kenexa Lead Manager. IBM Kenexa Lead Manager Release Notes. January 2017 IBM

TM1 Neuerungen und Roadmap

2018 IBM Systems Technical University

IBM Maximo Asset Health Insights Version 7 Release 6. Installation Guide IBM

Maximo Product Update

Sizing and Scoping your QRadar SIEM. Adam Frank Chief Client Success Architect. Robert McGinley SWAT Security Intelligence Architect

IBM TRIRIGA Version 10 Release 4.0. Request Central User Guide

Transforming Social Data into Business Insights. Marie Wallace, Vincent Burckhardt

Hybrid Integration Platform Strategy

IBM TRIRIGA Version 10 Release 5. Facility Assessment User Guide IBM

Agile Lifecycle Manager Version 1.1. Release Notes. 31 August 2017 IBM

Optimize Process Performance with Analyzer, Monitor & Business Intelligence

UrbanCode Deploy. IBM z/ TPF DevOps - Taskforce. IBM z/tpf. Jesus Galvez. April 12, z/tpf Software Engineer

Notes/Domino Applications

IBM TRIRIGA Version 10 Release 5.2. Document Management User Guide IBM

Migration Use Cases with the Migration Manager IBM Redbooks Solution Guide

IBM Kenexa Lead Manager. IBM Kenexa Lead Manager Release Notes. June 1, 2017 IBM

IBM Cloud Object Storage System Version FIPS Reference Guide IBM

IBM Maximo Mobile Asset Manager Version 7 Release 5. User Guide

Best practices. Deploying Your Service Package. IBM Platform Symphony

Creating Robust and Effective Claims Solutions with IBM Case Manager IBM Redbooks Solution Guide

IBM Spectrum Scale. Transparent Cloud Tiering Deep Dive

IBM Cloud High Performance Computing (HPC)

Best practices. Troubleshooting your own application. IBM Platform Symphony

IBM Kenexa Lead Manager. IBM Kenexa Lead Manager Release Notes. July, 2017 IBM

IBM TRIRIGA Version 10 Release 4.0. Facility Assessment User Guide

IBM Maximo Asset Management Version 7 Release 6. Help Installation Guide IBM

IBM SmartCloud Control Desk: High Availability and Disaster Recovery Configurations IBM Redbooks Solution Guide

Business Agility for Smarter Banking

IBM Tivoli Netcool Performance Manager Wireline Component Document Revision R2E1. Documentation Overview

IBM Kenexa Lead Manager. IBM Kenexa Lead Manager Release Notes. June 26, 2017 IBM

Subtitle: Continuous Data Collection & Tivoli Enterprise Monitoring

A New Approach to Managing Information: An Introduction to Advanced Case Management. Session Number Jeff Douglas, Sr. Product Manager, IBM

IBM Configure Rational Insight for Rational Asset Manager

IBM Kenexa BrassRing on Cloud. IBM Kenexa BrassRing on Cloud Release Notes. December 2016 IBM

Maximo Product Update and Roadmap

Getting Started with FASB/IASB Support in TRIRIGA ISM Release

IBM StoredIQ Data Script Version User Guide SC

Building a Platform for Innovation: Architecture and Agile as Key Enablers

IBM TRIRIGA Version 10 Release 4.0. Procurement Management User Guide

IBM Tivoli Advanced Audit for DFSMShsm PTF UI39512: GFS/AFM TMS support. Version 2 Release 5 IBM

IT portfolio management template

IBM Kenexa Lead Manager. IBM Kenexa Lead Manager Release Notes. April 2017 IBM

The IBM Rational strategy for integrating with Product Lifecycle Management (PLM)

ORACLE VALUE CHAIN PLANNING COLLABORATIVE PLANNING

An Introduction to Application Integration Suite

IBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide

IBM Watson IoT Maximo Asset Management Version 7.6 Release

Session 2.9: Tivoli Process Managers

IBM Kenexa BrassRing on Cloud. IBM Kenexa BrassRing on Cloud Release Notes. January 2017 IBM

IBM TRIRIGA Version 10 Release 5.2. Procurement Management User Guide IBM

IBM TRIRIGA Version 10 Release 5.2. Procurement Management User Guide IBM

Solutions to Accelerate Compliance with Affordable Care Act (ACA) Mandates and HIPAA Standards IBM Redbooks Solution Guide

What s New: IBM Business Process Manager 8.0

Adding IBM LTFS EE tape tier to an IBM SCSA managed storage cloud

Fast Forward Shareholder Value from your SAP Investment using IBM Rational

Tracking Payments and Securities with IBM Financial Transaction Manager V2 IBM Redbooks Solution Guide

Mastering new and expanding financial services regulations and audits

IBM System Storage DR550 and DR550 Express. Interoperability Directory Overview

IBM Sterling Order Management drop ship capabilities

IBM Planning Analytics Last updated: New Features Guide IBM

Smarter Commerce for healthcare and life sciences

IBM Financial Transaction Manager for SEPA Services IBM Redbooks Solution Guide

IBM Maximo Asset Health Insights Version 7 Release 6. Installation Guide IBM

IBM TRIRIGA Version 10 Release 5.2. Inventory Management User Guide IBM

IBM Service Management solutions To support your IT objectives. Create and manage value throughout the entire service management life cycle.

Introduction to the IBM MessageSight appliance for Mobile Messaging and M2M

IBM TRIRIGA Version

The Advanced Meter Data Management Solution for Next Generation Utility Service

Transcription:

Rapid Product Security Incident Response Using a Workflow Based Solution Diane Mickelson, dmickel@us.ibm.com Rod Henderson, rodhende@us.ibm.com

Please Note: IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here. 1

Agenda IBM PSIRT Tooling Design Challenge Workflow-Based PSIRT PSIRT Demo 2

IBM PSIRT

IBM PSIRT Roles Main players PSIRT Operations Oversees PSIRT Tool and compliance Product Responder Performs detailed analysis and creates remediation plan Brand Lead Monitors actions of Brand team to ensure activity and progress Pillar Lead Oversees vulnerability assessments performed by the Product Teams PSIRT users responsibility: Collaborate with PSIRT and Brand team Validate vulnerability Multi-tiered review of Remediation and Communication Plan (approach and timeline to address issue) Adhere to plan Prevent disclosure of sensitive information Scorer (IBM X-Force) Determines severity of the vulnerability and provides both the Common Vulnerability Scoring System (CVSS) details and the Common Vulnerability and Exposure (CVE) Other Reviewers 4

IBM PSIRT PSIRT PSIRT Operations Scorers Brand 1 Brand n Brand Lead Pillar 1 Pillar n Pillar 1 Pillar n Pillar Lead Product 1 Product n Product 1 Product n Product 1 Product n Product 1 Product n Other Reviewers Responder Security Bulletin Reviewer Remediation Plan Reviewer 5

Tooling Design Challenge

Simple scenario PSIRT process workflow X-Force updates advisory with CVE and CVSS Details Remediation Plan Reviewers Remediation Plan Reviewer PSIRT Leadership* Other Reviewers* PSIRT Operations Open Source 3 rd party reporter Brand Lead, Pillar Lead or Responder Internally found Customer Create Advisory Advisory represent a security vulnerability Product Record unique representation for a product/offering/component potentially affected Event notification sent Create Product Record(s) Responder PSIRT Operations Responder researches vulnerabilities and requests scoring Responder documents Remediation and Communication Plan Review Plan Draft Security Bulletin Develop Fix Review Security Bulletin Bulletin Reviewers Security Bulletin Reviewer PSIRT Operations Other Reviewers* Publish Fix and Bulletin * Additional reviews may not be needed 7

PSIRT Process problems before workflow tool PSIRT Product Responders 1 PSIRT Operations 3 Executive Management PSIRT Brand & Pillar Leads 6 1 2 Unstructured tasks and communication (paper or email) Inefficient working environment spans systems 3 Inconsistent prioritization Assess 2 Other Fix 4 Plan Policies 4 5 6 Incomplete or inaccurate data flow between systems Lack of control over system and business events (exceptions) Poor visibility into process performance 5 8

Workflow-Based PSIRT Tool

Workflow Business using Business Process Process Management Management Fundamentals (BPM) BPM is an integrated approach to aligning the key activities of an organization into processes that you can consistently measure to optimize value to your organization and its end customers. 10 10

PSIRT Process problems before workflow tool PSIRT Product Responders PSIRT Operations Executive Management PSIRT Brand & Pillar Leads Inefficient Ineffective Inaccurate Other Plan Incomplete Assess Policies Inconsistent Fix Inflexible Invisible 11

PSIRT Process with workflow Product Responders PSIRT Operations PSIRT Brand & Pillar Leads Other Executive Management 1 2 3 Automate workflow & decision making Helps reduce errors and improve consistency Standardize resolution across geographies 4 5 Leverage existing systems and data Monitor for business events and initiate actions 6 Real-time visibility and process control Benefits: Asses Plan Potential reduction in manual work and errors Faster, more consistent issue resolution Fix Policies Metrics, measurements, visibility and businessfriendly reports Rapid, agile and iterative process improvements 12

Overview of PSIRT Tool with Workflow Workflow based tooling helps ensure timely identification, analysis, resolution and reporting of security vulnerabilities in IBM products PSIRT Process is integrated into the tool, where the steps within the process follow a managed workflow with tasks and notifications Tool supports Product Responders, Pillar Leads, Brand Leads, Reviewers, IBM X-Force and PSIRT Operations Each task has a task due date to ensure teams stay on track Tool features: Workflow engine Event notification Task lists 13

Workflow engine Work flow engine guides the PSIRT users through the necessary steps in the PSIRT process The tool is like a big flow chart where your next task depends on the answers you provide in your current task All PSIRT related transactions should occur inside the tool 14

Event notifications Event notifications are used to alert users when Advisory created Product Record created Product Record closed Product Record Remediation Plan created Other reviews are required Product Record Remediation Plan has completed reviews New task assigned Task almost due Task overdue 15

Task based Task an action a user needs to complete (to-do) Each user s to-do s are organized into a series of tasks The tool generates tasks for the appropriate person to complete for each PSIRT Process step Workflow is role based - each task is designed to be completed by a particular role Each users tasks are listed in their PSIRT Task list Users must complete a task in order for the tool to progress to the next task All Brand and Pillar Leads are able to view all tasks for every role to track progression of a record Users need to claim a task to work on it; once claimed no one else can work the task 16

Workflow-Based PSIRT Tool benefits PSIRT Tool supports the PSIRT Process and guides users through a series of tasks PSIRT Policies and rules are incorporated into the PSIRT Tool Plans are checked by a compliancy checker Out of compliance records have different workflows with extra approvals Leads are able to easily pinpoint a Product Record s progression through the PSIRT Process PSIRT Operations and Leads can better monitor records that are noncomplaint Reduction of rework due to exceptions and errors Significant reduction in emails 17

PSIRT Demo

All of a user s tasks are in one convenient location, clearly marked with due dates Tasks are automatically assigned to the correct people 19

Complete audit trail trail of of every every product product record record Email reminders to ensure tasks are handled on time 20

All relevant information is available is available for each for step each of the step process of the process Direct links to the Knowledge Center 21

Built in checks for duplicate records 22

Alternate process paths triggered automatically when required Expedited process paths triggered automatically when required 23

Built in compliance checking Pull Scoring information directly from X- Force database 24

Appropriate Reviews are determined and requested by the tool Captures review history and plan modifications Reviewers can see comments left by previous reviewers 25

26

Remains open until every task is complete 27

Team Performance Overview of task status Brand Lead can see overall Brand performance Pillar Lead can see overall Pillar performance 28

Notices and Disclaimers Copyright 2016 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS DOCUMENT IS DISTRIBUTED "AS IS" WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IN NO EVENT SHALL IBM BE LIABLE FOR ANY DAMAGE ARISING FROM THE USE OF THIS INFORMATION, INCLUDING BUT NOT LIMITED TO, LOSS OF DATA, BUSINESS INTERRUPTION, LOSS OF PROFIT OR LOSS OF OPPORTUNITY. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM's future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law 29

Notices and Disclaimers Con t. Information concerning non-ibm products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-ibm products. Questions on the capabilities of non-ibm products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to interoperate with IBM s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. IBM, the IBM logo, ibm.com, Aspera, Bluemix, Blueworks Live, CICS, Clearcase, Cognos, DOORS, Emptoris, Enterprise Document Management System, FASP, FileNet, Global Business Services, Global Technology Services, IBM ExperienceOne, IBM SmartCloud, IBM Social Business, Information on Demand, ILOG, Maximo, MQIntegrator, MQSeries, Netcool, OMEGAMON, OpenPower, PureAnalytics, PureApplication, purecluster, PureCoverage, PureData, PureExperience, PureFlex, purequery, purescale, PureSystems, QRadar, Rational, Rhapsody, Smarter Commerce, SoDA, SPSS, Sterling Commerce, StoredIQ, Tealeaf, Tivoli, Trusteer, Unica, urban{code}, Watson, WebSphere, Worklight, X-Force and System z Z/OS, are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at: www.ibm.com/legal/copytrade.shtml. 30

Thank You

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback