The New Security Frontier: Threat Hunting, Augmented Intelligence, - - PowerPoint PPT Presentation


The New Security Frontier: Threat Hunting, Augmented Intelligence, and Automated Response. Michael Melore, CISSP, IBM Cyber Security Advisor, @MichaelMelore. June 2018.


SLIDE 1

The New Security Frontier:

Threat Hunting, Augmented Intelligence, and Automated Response

Michael Melore, CISSP

June 2018 IBM Cyber Security Advisor

@MichaelMelore

SLIDE 2

May 2018

SLIDE 3

May 2018

SLIDE 4

Workflow

Advanced Analytics Cognitive Threat Hunting

DETECT ENRICH

INVESTIGATE ORCHESTRATE

Incident Response

SLIDE 5

IBM CONFIDENTIAL until January 2017

Investigations

SLIDE 6


Investigations

SLIDE 7


Investigations

SLIDE 8

What is an Unknown Unknown Search

[Diagram: Offense 1 and Offense 2, with Offense Properties a through i]

Ask the question: “show me which offenses share the same property”

– you don’t know the subset of offenses, nor the subset of properties, to search

SLIDE 9


Investigations

SLIDE 10


Hunting

SLIDE 11

Incident Response

SLIDE 12

Gain integrated, real-time threat intelligence

IBM X-Force Exchange

Crowd-sourced information sharing based on 700+ TB of threat intelligence

https://exchange.xforce.ibmcloud.com

  • Find, fix, and secure endpoints
  • Prevent advanced network attacks
  • Use analytics to discover and eliminate threats
  • Coordinate response activity
  • Understand the latest threat actors
  • Get help from security experts

SLIDE 13

Gain integrated, real-time threat intelligence

IBM X-Force Exchange – Tailored Dashboards

Crowd-sourced information sharing based on 700+ TB of threat intelligence

https://exchange.xforce.ibmcloud.com

  • Find, fix, and secure endpoints
  • Prevent advanced network attacks
  • Use analytics to discover and eliminate threats
  • Coordinate response activity
  • Understand the latest threat actors
  • Get help from security experts

SLIDE 14

An integrated and intelligent security immune system

  • Workload protection
  • Cloud access security broker
  • Access management
  • Identity management
  • Data access control
  • Application security management
  • Application scanning
  • Data monitoring
  • Device management
  • Content security

SLIDE 15

The New Security Frontier:

Threat Hunting, Augmented Intelligence, and Automated Response

Michael Melore, CISSP

June 2018 IBM Cyber Security Advisor

@MichaelMelore