1© Cloudera, Inc. All rights reserved.
|
Delivering User Behavior Analytics at Apache Hadoop Scale
A New Perspective on Cybersecurity with Securonix & Cloudera
Agenda
• Introduction
• Industry Overview
• SNYPR: Big data enabled security analytics
• Q&A
Today’s Speakers
• Tanuj Gulati, Co-Founder and Chief Technology Officer
• Rocky DeStefano, Cybersecurity Subject Matter Expert
Industry Overview
Benefits of Apache Hadoop for Cybersecurity
• Security Operations: Modernized Security Architecture
• Security Analysts: Find Advanced Threats Faster
• Security Responders: Rapid Investigation Over any Timeline
Modernizing the Cybersecurity Architecture (Security Operations)
[Chart: legacy cyber solutions (TBs) versus Cloudera’s Hadoop based cybersecurity solutions (PB), plotted by data types (MBs > PBs: aggregated events, raw system logs, network flows/DNS, full packet capture, video/text/images, user data), by analytics (search, correlations, SQL, machine learning, advanced statistics) and by retention time in months (1, 3, 10, 20, 40).]
• Gartner named Cloudera among the Non-Security-Specific Analytics Vendors to Watch¹
• 60% of UEBA Vendors to Watch use CDH¹
• 25% of Network Traffic Analysis Vendors to Watch use CDH¹
• 50% of MSSP ‘Leaders’ use CDH²
¹ Market Trends: User and Entity Behavior Analytics (UEBA) Expand Their Market Reach – Gartner, April 2016
² Magic Quadrant for Managed Security Services, Worldwide – Gartner, December 2015
Find Advanced Threats Faster (Security Analysts)
[Diagram: security analytics layered on the Cloudera platform. Analytics: technical indicators, context, anomaly detection, behavior analytics, sentiment analysis, machine learning, operational insight. Platform: Operations (Cloudera Manager, Cloudera Director); Data Management (Cloudera Navigator, Encrypt and KeyTrustee, Optimizer); Integrate (structured: Sqoop; unstructured: Kafka, Flume); Process, Analyze, Serve (batch: Spark, Hive, Pig, MapReduce; stream: Spark; SQL: Impala; search: Solr; other: Kite); Unified Services (resource management: YARN; security: Sentry, RecordService); Store (filesystem: HDFS; relational: Kudu; NoSQL: HBase; other: object store).]
Why User Behavior Analytics?
[Diagram: complete enterprise visibility across network, endpoint, file context, user context, logs and applications.]
User Behavior Analytics Enables:
Incident Detection:
• Data Exfiltration
• Privileged Account Misuse
• Sabotage
• Account Takeover
• Lateral Movement
Operational Insight:
• Cleanup Rogue Access Privileges
• Access Reviews
• Access Certifications
Incident Context:
• Understand the true source and the user / entity impact to the business
SNYPR: Big Data enabled security analytics
© 2016 / Confidential
10
Agenda
• The Anatomy of a Basic Cyber Attack
• Current State of Security Monitoring
• Next Generation Security Monitoring
• SNYPR: Big Data Enabled Security Analytics
• SNYPR: Success Stories & Demonstration
The Anatomy of a Basic Cyber Attack
Kill Chain: Phishing Attempt > Malicious Content > Compromised Endpoint > Lateral Movement > Data Exfiltration
Threat Indicators: Phishing, Spear Phishing, Malicious Content, Drive-by Download, Account Compromise, System Compromise, Malware Infection, Lateral Movement, Data Consumption, Data Egress
Composite Threats: Data Exfiltration, Basic APT
To detect this basic cyber attack, organizations must analyze … per day:
• 10 M Emails
• 40 M Website Visits
• 200 M Processes
• 400 M Netflow
• 3 M Data Egresses
Current State - Enterprise Security Monitoring
Data Repository:
• Proprietary data store(s)
• Information siloes
• Partial context
• Expensive data retention
Threats:
• Signature based threat detection
• Too many alerts
• High number of false positives
• Correlation across small time window
• Threat centric
Response:
• Requires multiple systems
• Reactive & post-attack
• External ticketing system
Monitoring:
• Limited entity context
• Weak visualization
• Hours to search
• Days to investigate
Next Generation Security Analytics
Big Data Platform:
 Open Data Model
 Massively Scalable
 Very High Ingestion Rate
 Long Term Storage
Log Management:
 Collection & Normalization
 Entity Attribution
 Context Enrichment
 Text Indexing
Advanced Analytics:
 Cross Device Event Correlation
 Behavior Based Anomaly Detection
 Entity Centric Risk Scoring
 Threat Models
Investigation & Response:
 Investigation Workbench
 Search & Visualization Palette
 Data Link Analysis
 Case Management & Workflows
 Privacy Controls
Securonix SNYPR – Next Gen Security Analytics
Security Data Lake:
 Hunt @ Speed of Thought
 Super-enriched Events
 On-Demand Visualization
 Scale to Petabytes
 Open Data Model
 Ingest @ 1,200,000+ EPS
 Normalize > Correlate > Store
Detection:
 Real Time and Batched Analytics
 Machine Learning
 Predictive Analytics
 Behavior & Signature Based
 Threat Model Based Alerts
 Entity Centric
 Investigate Data Linkages
 Integrated Threat Management
What is Securonix SNYPR?
• UEBA (User and Entity Behavior Analytics) + Next Gen Security Event Management (SIEM) + Fraud Analytics, on one platform
• SNYPR is a Big Data based, Machine Learning platform with out of the box threat and risk detection models for Insider Threat, Cyber Threat and Fraud
• Ingests and analyzes security event logs, network flows and application transactions from hundreds of sources
Recent Patents
1. Behavior Anomaly Detection for Identification of Malicious Activity
2. Anomaly Detection Using Adaptive Behavioral Profiles
3. Risk Scoring in Behavioral Analysis
[Logos: Award Winning Technology; Certified]
SNYPR - How does it work?
[Architecture diagram; its components in pipeline order:]
Data sources:
• Hosts: Windows / Unix / Mainframe
• Communication: eMail / Chat / Phone
• Perimeter: IDS / IDP / Firewall / VPN
• Malware: Sandboxing / Antivirus
• Network: Netflow / Pcap / VLAN ACL
• Cloud: IaaS, PaaS, SaaS
• Enterprise Apps: SAP / OFS / EPIC / CERNER
• Identity: HRMS / IAM
• Threat Intel: Open / COTS
Ingestion node: Kafka
Spark Streaming services:
• In-memory normalization, attribution & analytics
• Distributed and parallelized processing
Data storage: HDFS (raw), Solr (enriched), HBase (super enrichment)
Analytics:
• Long Term Data Retention
• Text Indexing
• Correlation Rules Engine
• Behavior Anomaly Engine
• Peer Anomaly Engine
• Event Rarity Engine
• DGA and Beaconing Detection
• Threat Models
Outputs: Prioritized Threats; Monitor & Search; Investigation & Response
“Purpose-Built” Analytics
• Entity Correlation & Enrichment >> “Context”
• Behavior Profiling
• Peer Group Profiling
• Event Rarity
• Digitally Generated Algorithms (DGA): connection attempts to suspiciously formed domains
• Robotic Patterns (Beaconing): repeated machine-like pattern
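As an added illustration (not Securonix SNYPR code), the two detections the slide describes in a line each, run over constructed proxy-log style records: a beaconing check that looks for a repeated machine-like connection cadence per host and destination, and a lexical check for suspiciously formed domain names. The records, host names, domains and thresholds are all constructed for the example.

```python
"""Added example (not Securonix SNYPR code): beaconing and DGA-style checks
as described on the "Purpose-Built Analytics" slide, over constructed records.
"""
import math
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed proxy/netflow-style records: (epoch seconds, source host, destination domain).
# h1 contacts one domain every ~300 s with little jitter (timer-driven, beacon-like);
# h2 contacts one domain at irregular intervals (human browsing);
# h3 contacts an algorithmically looking name once.
RECORDS = [
    (1000, "h1", "update.cdn-example.com"),
    (1301, "h1", "update.cdn-example.com"),
    (1599, "h1", "update.cdn-example.com"),
    (1900, "h1", "update.cdn-example.com"),
    (2202, "h1", "update.cdn-example.com"),
    (2500, "h1", "update.cdn-example.com"),
    (1000, "h2", "news.example.org"),
    (1030, "h2", "news.example.org"),
    (1900, "h2", "news.example.org"),
    (3120, "h2", "news.example.org"),
    (3125, "h2", "news.example.org"),
    (4000, "h2", "news.example.org"),
    (1500, "h3", "xk3q9vz7pl2mqw.net"),
]


def beacon_candidates(records, min_events=5, max_cv=0.10):
    """Flag (host, domain) pairs whose connection gaps are nearly constant.

    cv is the coefficient of variation (stdev / mean) of the inter-arrival
    times: a timer-driven beacon has a low cv, human browsing a high one.
    Returns a list of (host, domain, period_seconds, cv), sorted by host.
    """
    by_pair = defaultdict(list)
    for ts, host, domain in records:
        by_pair[(host, domain)].append(ts)
    hits = []
    for (host, domain), stamps in sorted(by_pair.items()):
        if len(stamps) < min_events:  # too few events to call a cadence
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        period = mean(gaps)
        if period <= 0:
            continue
        cv = pstdev(gaps) / period
        if cv <= max_cv:
            hits.append((host, domain, round(period), round(cv, 3)))
    return hits


def shannon_entropy(text):
    """Bits of entropy per character of `text`."""
    counts = Counter(text)
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def is_suspicious_domain(domain, min_len=10, min_entropy=3.5, max_vowel_ratio=0.25):
    """Lexical check for a suspiciously formed name: a long, high-entropy,
    nearly vowel-free label directly under the TLD. No public-suffix list is
    used (assumption: the label left of the last dot is the registered name).
    """
    labels = domain.lower().split(".")
    label = labels[-2] if len(labels) >= 2 else labels[0]
    if len(label) < min_len:
        return False
    vowel_ratio = sum(ch in "aeiou" for ch in label) / len(label)
    return shannon_entropy(label) >= min_entropy and vowel_ratio <= max_vowel_ratio


def suspicious_domains(records):
    """Distinct destination domains in `records` that fail the lexical check."""
    return sorted({d for _, _, d in records if is_suspicious_domain(d)})


if __name__ == "__main__":
    for host, domain, period, cv in beacon_candidates(RECORDS):
        print(f"beacon-like: {host} -> {domain} every ~{period}s (cv={cv})")
    for domain in suspicious_domains(RECORDS):
        print(f"suspiciously formed domain: {domain}")
```

Both checks are deliberately simple scorers; in practice they feed an entity risk score alongside the behavior and peer profiling the slide lists rather than raising alerts on their own.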
Our Packaged Applications
Insider Threat:
• Data Exfiltration
• Privileged Account Misuse
• Sabotage
• Snooping
Cyber Threat:
• Reconnaissance
• Malicious Traffic
• Lateral Movement
• Account Takeover
• Malicious Process
• DNS Traffic
Cloud Security:
• Cloud Application Misuse
• Infrastructure Sabotage
Fraud:
• Retail Fraud
• Banking Fraud
• ATM Transactions
• Trade Surveillance
• Manufacturing Fraud
Identity & Access:
• Cleanup Rogue Access Privileges
• Access Reviews
• Access Certifications
• Access Requests
Customer Success Examples
Customer Profile: Top 3 Retailer
 Use Case: Endpoint Protection (POS Terminals)
 Data Sources: HRMS Data, POS Events, Netflow
 Value Proposition:
 Automated correlation of all events to the endpoint
 Analyze all endpoint generated data to detect:
• Suspicious process execution
• Abnormal network flows
• Rare file MD5 hashes detected
• Suspicious lateral movements
Customer Profile: Top 3 Financial Institution
 Use Case: Insider Threat Protection
 Data Sources: HR App, Proxy, Mail Gateway, Hosts, Badging App, Travel App, Network DLP, Confidential Apps
 Value Proposition:
 Correlate all events to the user identity
 Analyze all user generated events to detect:
• Unauthorized Data Access: confidential data / network attempted or accessed beyond what clearance levels allow
• Data Exfiltration Attempts: abnormally high volume or frequency of data egressed
Customer Profile: Large Healthcare Client, TX
 Use Case: Patient Health Record Protection
 Data Sources: EPIC, Cerner, Medicity and other clinical apps
 Value Proposition:
 Automated correlation of all PHR access attempts to appropriate staff members
 Analyze all PHR data access attempts to detect:
• Unauthorized PHR Access: non-physician staff members accessing PHR records
• VIP Snooping: abnormally high volume of access attempts on a single PHR record
• Neighbor Snooping: closely located employee and patient
• Family Snooping: co-located employee and patient
Customer Profile: Top 5 Federal Contractor
 Use Case: Privileged Account Protection
 Data Sources: Hosts, Databases, VPN, Privileged Identity Mgmt., DLP Events, Web Gateway, Mail Gateway
 Value Proposition:
 Analyze activities performed by privileged accounts for misuse
• Suspected Malware: phishing attempt, visit to malware infected sites, suspicious process running on host, infected files detected on system
• Suspected Data Exfiltration: high volume of data transfers
• Suspected Sabotage Attempt: suspicious commands run on host
Key Takeaways
Securonix value proposition, across solution maturity, ease of integration, out of the box (OOB) threat models and scalable architecture:
• Maturity/Market Leadership
• Tried & Tested Technology
• Out of the box ‘Threat Models’
• Privacy Features approved by EMEA workers councils
• Scalable & Fault Tolerant
• Hadoop Enabled Application
• Time to Value/Lower Cost of Ownership
• 300+ Connectors
• 99.6% True Positive Rate
• Threat Exchange
• 40+ Contributors
• Connectors + Threat Models
Demonstration - SNYPR
The Big Data Security Analytics Platform
[Demo screenshots, in order:]
• Welcome to SNYPR
• High-Risk Entities: Dashboard
• Investigate Threat: Violations
• Investigate Threat: Data Link Analysis
• Investigate Threat: Location Analysis
• Manage Threat: Disposition
• Search @ Speed of Thought: Hunting for Threats
• Search @ Speed of Thought: Super Enriched Search
• Search @ Speed of Thought: 2D Bar Chart – Drill Down
• Search @ Speed of Thought: 3D – Stacked Bar Chart
• Search @ Speed of Thought: Custom Dashboards and Visualization
Interested in learning more?
Contact our experts
Schedule a discovery session with our experts and discuss how Securonix and Cloudera can work with you.
• Tanuj Gulati, tgulati@securonix.com
• Rocky DeStefano, rocky@cloudera.com

Modern Data Warehouse Fundamentals Part 2
 
Modern Data Warehouse Fundamentals Part 1
Modern Data Warehouse Fundamentals Part 1Modern Data Warehouse Fundamentals Part 1
Modern Data Warehouse Fundamentals Part 1
 
Extending Cloudera SDX beyond the Platform
Extending Cloudera SDX beyond the PlatformExtending Cloudera SDX beyond the Platform
Extending Cloudera SDX beyond the Platform
 
Federated Learning: ML with Privacy on the Edge 11.15.18
Federated Learning: ML with Privacy on the Edge 11.15.18Federated Learning: ML with Privacy on the Edge 11.15.18
Federated Learning: ML with Privacy on the Edge 11.15.18
 
Analyst Webinar: Doing a 180 on Customer 360
Analyst Webinar: Doing a 180 on Customer 360Analyst Webinar: Doing a 180 on Customer 360
Analyst Webinar: Doing a 180 on Customer 360
 
Build a modern platform for anti-money laundering 9.19.18
Build a modern platform for anti-money laundering 9.19.18Build a modern platform for anti-money laundering 9.19.18
Build a modern platform for anti-money laundering 9.19.18
 
Introducing the data science sandbox as a service 8.30.18
Introducing the data science sandbox as a service 8.30.18Introducing the data science sandbox as a service 8.30.18
Introducing the data science sandbox as a service 8.30.18
 

Recently uploaded

Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...
Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...
Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...
sapnasaifi408
 
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
manji sharman06
 
119321250-History-of-Computer-Programming.ppt
119321250-History-of-Computer-Programming.ppt119321250-History-of-Computer-Programming.ppt
119321250-History-of-Computer-Programming.ppt
lavesingh522
 
1 Million Orange Stickies later - Devoxx Poland 2024
1 Million Orange Stickies later - Devoxx Poland 20241 Million Orange Stickies later - Devoxx Poland 2024
1 Million Orange Stickies later - Devoxx Poland 2024
Alberto Brandolini
 
Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...
Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...
Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...
Chad Crowell
 
Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...
Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...
Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...
simmi singh$A17
 
Female Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service Available
Female Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service AvailableFemale Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service Available
Female Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service Available
isha sharman06
 
What’s new in VictoriaMetrics - Q2 2024 Update
What’s new in VictoriaMetrics - Q2 2024 UpdateWhat’s new in VictoriaMetrics - Q2 2024 Update
What’s new in VictoriaMetrics - Q2 2024 Update
VictoriaMetrics
 
Refactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contextsRefactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contexts
Michał Kurzeja
 
Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
confluent
 
Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...
Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...
Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...
sapnasaifi408
 
Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...
Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...
Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...
Anita pandey
 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
Alina Yurenko
 
Accelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAIAccelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAI
Ahmed Okour
 
Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...
ns9201415
 
🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...
🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...
🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...
tinakumariji156
 
Stork Product Overview: An AI-Powered Autonomous Delivery Fleet
Stork Product Overview: An AI-Powered Autonomous Delivery FleetStork Product Overview: An AI-Powered Autonomous Delivery Fleet
Stork Product Overview: An AI-Powered Autonomous Delivery Fleet
Vince Scalabrino
 
AI Based Testing - A Comprehensive Guide.pdf
AI Based Testing - A Comprehensive Guide.pdfAI Based Testing - A Comprehensive Guide.pdf
AI Based Testing - A Comprehensive Guide.pdf
kalichargn70th171
 
Hyperledger Besu 빨리 따라하기 (Private Networks)
Hyperledger Besu 빨리 따라하기 (Private Networks)Hyperledger Besu 빨리 따라하기 (Private Networks)
Hyperledger Besu 빨리 따라하기 (Private Networks)
wonyong hwang
 

Recently uploaded (20)

Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...
Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...
Independent Call Girls In Bangalore 💯Call Us 🔝 7426014248 🔝Independent Bangal...
 
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
Call Girls Bangalore🔥7023059433🔥Best Profile Escorts in Bangalore Available 24/7
 
119321250-History-of-Computer-Programming.ppt
119321250-History-of-Computer-Programming.ppt119321250-History-of-Computer-Programming.ppt
119321250-History-of-Computer-Programming.ppt
 
1 Million Orange Stickies later - Devoxx Poland 2024
1 Million Orange Stickies later - Devoxx Poland 20241 Million Orange Stickies later - Devoxx Poland 2024
1 Million Orange Stickies later - Devoxx Poland 2024
 
Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...
Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...
Happy Birthday Kubernetes, 10th Birthday edition of Kubernetes Birthday in Au...
 
Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...
Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...
Independent Call Girls In Kolkata ✔ 7014168258 ✔ Hi I Am Divya Vip Call Girl ...
 
Female Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service Available
Female Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service AvailableFemale Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service Available
Female Bangalore Call Girls 👉 7023059433 👈 Vip Escorts Service Available
 
What’s new in VictoriaMetrics - Q2 2024 Update
What’s new in VictoriaMetrics - Q2 2024 UpdateWhat’s new in VictoriaMetrics - Q2 2024 Update
What’s new in VictoriaMetrics - Q2 2024 Update
 
Refactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contextsRefactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contexts
 
Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
 
Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...
Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...
Hi-Fi Call Girls In Hyderabad 💯Call Us 🔝 7426014248 🔝Independent Hyderabad Es...
 
Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...
Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...
Premium Call Girls In Ahmedabad 💯Call Us 🔝 7426014248 🔝Independent Ahmedabad ...
 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
 
Accelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAIAccelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAI
 
Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...
Hot Call Girls In Ahmedabad ✔ 7737669865 ✔ Hi I Am Divya Vip Call Girl Servic...
 
🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...
🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...
🔥 Kolkata Call Girls  👉 9079923931 👫 High Profile Call Girls Whatsapp Number ...
 
bgiolcb
bgiolcbbgiolcb
bgiolcb
 
Stork Product Overview: An AI-Powered Autonomous Delivery Fleet
Stork Product Overview: An AI-Powered Autonomous Delivery FleetStork Product Overview: An AI-Powered Autonomous Delivery Fleet
Stork Product Overview: An AI-Powered Autonomous Delivery Fleet
 
AI Based Testing - A Comprehensive Guide.pdf
AI Based Testing - A Comprehensive Guide.pdfAI Based Testing - A Comprehensive Guide.pdf
AI Based Testing - A Comprehensive Guide.pdf
 
Hyperledger Besu 빨리 따라하기 (Private Networks)
Hyperledger Besu 빨리 따라하기 (Private Networks)Hyperledger Besu 빨리 따라하기 (Private Networks)
Hyperledger Besu 빨리 따라하기 (Private Networks)
 

Delivering User Behavior Analytics at Apache Hadoop Scale : A new perspective on cybersecurity with Securonix 


  • 1. Delivering User Behavior Analytics at Apache Hadoop Scale: A New Perspective on Cybersecurity with Securonix & Cloudera. © Cloudera, Inc. All rights reserved.
  • 2. Agenda: Introduction; Industry Overview; SNYPR: Big data enabled security analytics; Q&A.
  • 3. Today’s Speakers: Tanuj Gulati, Co-Founder and Chief Technology Officer; Rocky DeStefano, Cybersecurity Subject Matter Expert.
  • 4. Industry Overview.
  • 5. Benefits of Apache Hadoop for Cybersecurity. Security Operations: Modernized Security Architecture. Security Analysts: Find Advanced Threats Faster. Security Responders: Rapid Investigation Over any Timeline.
  • 6. Modernizing the Cybersecurity Architecture (Security Operations). Chart residue: Data Types (MBs>PBs) against Time (Months); data types shown: Aggregated Events, Raw System Logs, Network Flows/DNS, Full Packet Capture, Video/Text/Images, User Data; methods shown: Search, Correlations, SQL, Machine Learning, Advanced Statistics; Legacy Cyber Solutions (TBs) versus Cloudera’s Hadoop Based Cybersecurity Solutions (PB). Bullets: Gartner named Cloudera Non-Security-Specific Analytics Vendors to Watch [1]; 60% of UEBA Vendors to Watch use CDH [1]; 25% of Network Traffic Analysis Vendors to Watch use CDH [1]; 50% of MSSP ‘Leaders’ use CDH [2]. Sources: [1] Market Trends: User and Entity Behavior Analytics (UEBA) Expand Their Market Reach – Gartner April 2016; [2] Magic Quadrant for Managed Security Services, Worldwide – Gartner December 2015.
  • 7. Find Advanced Threats Faster (Security Analysts): Technical Indicators, Context, Anomaly Detection, Behavior Analytics, Sentiment Analysis, Operational Insight, Machine Learning. Platform diagram: OPERATIONS: Cloudera Manager, Cloudera Director. DATA MANAGEMENT: Cloudera Navigator, Encrypt and KeyTrustee, Optimizer. INTEGRATE: STRUCTURED Sqoop; UNSTRUCTURED Kafka, Flume. PROCESS, ANALYZE, SERVE: BATCH Spark, Hive, Pig, MapReduce; STREAM Spark; SQL Impala; SEARCH Solr; OTHER Kite. UNIFIED SERVICES: RESOURCE MANAGEMENT YARN; SECURITY Sentry, RecordService. STORE: NoSQL HBase; OTHER Object Store; FILESYSTEM HDFS; RELATIONAL Kudu.
  • 8. Why User Behavior Analytics? Complete Enterprise Visibility across Network, File, Endpoint, User, Context, Logs and Applications. User Behavior Analytics Enables: Incident Detection: Data Exfiltration; Privileged Account Misuse; Sabotage; Account Takeover; Lateral Movement. Operational Insight: Cleanup Rogue Access Privileges; Access Reviews; Access Certifications. Incident Context: Understand true Source and the User / Entity Impact to the business.
  • 9. SNYPR: Big Data enabled security analytics.
  • 10. (© 2016 / Confidential) Agenda: The Anatomy of a Basic Cyber Attack; Current State of Security Monitoring; Next Generation Security Monitoring; SNYPR: Big Data Enabled Security Analytics; SNYPR: Success Stories & Demonstration.
  • 11. The Anatomy of a Basic Cyber Attack. Kill Chain: Phishing Attempt, Malicious Content, Compromised Endpoint, Lateral Movement, Data Exfiltration. Threat Indicators: Phishing, Malicious content, Account Compromise, System Compromise, Data Consumption, Data Egress, Malware Infection, Data Exfiltration, Lateral Movement, Drive-by Download. Composite Threats: Basic APT, Spear Phishing. To detect this basic cyber attack, organizations must analyze … per day: 10 M Emails, 40 M Website Visits, 200 M Processes, 400 M Netflow, 3 M Data Egresses.
  • 12. Current State - Enterprise Security Monitoring. DATA REPOSITORY: Proprietary data store(s); Information siloes; Partial context; Expensive data retention. THREATS: Signature based threat detection; Too Many Alerts; High number of false positives; Correlation across small time window; Threat centric. RESPONSE: Requires multiple systems; Reactive & post-attack; External ticketing system. MONITORING: Limited Entity Context; Weak Visualization; Hours to Search; Days to Investigate.
  • 13. Next Generation Security Analytics. BIG DATA PLATFORM: Open Data Model; Massively Scalable; Very High Ingestion Rate; Long Term Storage.
  • 14. Next Generation Security Analytics (builds on slide 13). LOG MANAGEMENT: Collection & Normalization; Entity Attribution; Context Enrichment; Text Indexing.
  • 15. Next Generation Security Analytics (builds on slides 13 and 14). ADVANCED ANALYTICS: Cross Device Event Correlation; Behavior Based Anomaly Detection; Entity Centric Risk Scoring; Threat Models.
  • 16. Next Generation Security Analytics (builds on slides 13 to 15). INVESTIGATION & RESPONSE: Investigation Workbench; Search & Visualization Palette; Data Link Analysis; Case Management & Workflows; Privacy Controls.
  • 17. Securonix SNYPR – Next Gen Security Analytics. SECURITY DATA LAKE: Scale to Petabytes; Open Data Model; Ingest @ 1,200,000+ EPS; Normalize > Correlate > Store. DETECTION: Real Time and Batched Analytics; Machine Learning; Predictive Analytics; Behavior & Signature Based; Threat Model Based Alerts. Further capabilities listed: Hunt @ Speed of Thought; Super-enriched Events; On-Demand Visualization; Entity Centric; Investigate Data Linkages; Integrated Threat Management.
  • 18. What is Securonix SNYPR? UEBA (User and Entity Behavior Analytics) + Next Gen Security Event Management (SIEM) + Fraud Analytics, on one platform. SNYPR is a Big Data based, Machine Learning platform with out of box threat and risk detection models for Insider Threat, Cyber Threat and Fraud. Ingests and analyzes security event logs, network flows and application transactions from hundreds of sources.
  • 19. Recent Patents: 1. Behavior Anomaly Detection for Identification of Malicious Activity; 2. Anomaly Detection Using Adaptive Behavioral Profiles; 3. Risk Scoring in Behavioral Analysis. Award Winning Technology. Certified.
  • 20. SNYPR - How does it work? INGESTION NODE sources: HOSTS Windows/Unix/Mainframe; COMMUNICATION eMail/Chat/Phone; PERIMETER IDS/IDP/Firewall/VPN; MALWARE Sandboxing/Antivirus; NETWORK Netflow/Pcap/VLAN ACL; CLOUD IAAS, PAAS, SAAS; ENTERPRISE APPS SAP / OFS / EPIC / CERNER; IDENTITY HRMS / IAM; THREAT INTEL OPEN / COTS. Pipeline: KAFKA feeding SPARK STREAMING SERVICES (In-memory normalization, attribution & analytics; Distributed and parallelized processing) with Super Enrichment. DATA STORAGE (RAW and ENRICHED): HDFS, HBASE, SOLR. ANALYTICS: Long Term Data Retention; Text Indexing; Correlation Rules Engine; Behavior Anomaly Engine; Peer Anomaly Engine; Event Rarity Engine; DGA and Beaconing Detection; Threat Models. Outputs: Prioritized Threats; Monitor & Search; Investigation & Response.
  • 21. Entity Correlation & Enrichment >> “Context”. “Purpose-Built” Analytics: Behavior Profiling; Peer Group Profiling; Event Rarity; Digitally Generated Algorithms (Connection attempts to suspiciously formed domains); Robotic Patterns (Beaconing) (Repeated machine like pattern).
  • 22. Our Packaged Applications. INSIDER THREAT: Data Exfiltration; Privileged Account Misuse; Sabotage; Snooping. CYBER THREAT: Reconnaissance; Malicious Traffic; Lateral Movement; Account Takeover; Malicious Process; DNS Traffic. CLOUD SECURITY: Cloud Application Misuse; Infrastructure Sabotage. FRAUD: Retail Fraud; Banking Fraud; ATM Transactions; Trade Surveillance; Manufacturing Fraud. IDENTITY & ACCESS: Cleanup Rogue Access Privileges; Access Reviews; Access Certifications; Access Requests.
  • 23. Customer Success Examples. Use Case: Endpoint Protection (POS Terminals). Data Sources: HRMS Data, POS Events, Netflow. Value Proposition: Automated correlation of all events to the endpoint; Analyze all endpoint generated data to detect: Suspicious Process execution; Abnormal Network Flows; Rare File Md5 hashes detected; Suspicious Lateral Movements. Use Case: Insider Threat Protection. Data Sources: HR App, Proxy, Mail Gateway, Hosts, Badging App, Travel App, Network DLP, Confidential Apps. Value Proposition: Correlate all events to the user identity; Analyze all user generated events to detect: Unauthorized Data Access (Confidential data / network attempted or accessed beyond what is allowed by clearance levels); Data Exfiltration Attempts (Abnormally high volume or frequency of data egressed). Use Case: Patient Health Record Protection. Data Sources: EPIC, Cerner, Medicity and other clinical apps. Value Proposition: Automated correlation of all PHR access attempts to appropriate staff members; Analyze all PHR Data Access Attempts to detect: Unauthorized PHR Access (Non Physician staff members accessing PHR records); VIP Snooping (Abnormally high volume of access attempts on a single PHR data); Neighbor snooping (Closely located Employee and Patient); Family Snooping (Co-located Employee and Patient). Use Case: Privileged Account Protection. Data Sources: Hosts, Databases, VPN, Privileged Identity Mgmt., DLP Events, Web Gateway, Mail Gateway. Value Proposition: Analyze activities performed by Privileged accounts for misuse: Suspected Malware (Phishing attempt, Visit to malware infected sites, Suspicious process running on host, Infected Files detected on system); Suspected Data Exfiltration (High volume of data transfers); Suspected Sabotage attempt (Suspicious commands run on host). Customer Profiles: Large Healthcare Client, TX; Top 3 Financial Institution; Top 5 Federal Contractor; Top 3 Retailer.
  • 24. Key Takeaways: Securonix Value Proposition. Pillars: Solution Maturity; Ease of Integration; OOB Threat Models; Scalable Architecture. Points: Maturity/Market Leadership; Tried & Tested Technology; Out of the box ‘Threat Models’; Privacy Features approved by EMEA workers councils; Scalable & Fault Tolerant; Hadoop Enabled Application; Time to Value/Lower Cost of Ownership; 300+ Connectors; 99.6% True Positive Rate; Threat Exchange; 40+ Contributors; Connectors + Threat Models.
  • 25. Demonstration - SNYPR: The Big Data Security Analytics Platform.
  • 26. Welcome to SNYPR.
  • 27. HIGH-RISK ENTITIES: Dashboard.
  • 28. INVESTIGATE THREAT: Violations.
  • 29. INVESTIGATE THREAT: Data Link Analysis.
  • 30. INVESTIGATE THREAT: Location Analysis.
  • 31. MANAGE THREAT: Disposition.
  • 32. SEARCH @ SPEED OF THOUGHT: Hunting for Threats.
  • 33. SEARCH @ SPEED OF THOUGHT: Super Enriched Search.
  • 34. SEARCH @ SPEED OF THOUGHT: 2D Bar Chart – Drill Down.
  • 35. SEARCH @ SPEED OF THOUGHT: 3D – Stacked Bar Chart.
  • 36. SEARCH @ SPEED OF THOUGHT: Custom Dashboards and Visualization.
  • 37. Interested in learning more?
  • 38. Contact our experts: Schedule a discovery session with our experts; Discuss how Securonix and Cloudera can work with you. Tanuj Gulati, tgulati@securonix.com; Rocky DeStefano, rocky@cloudera.com.
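Slides 15, 20 and 21 name entity-centric risk scoring, DGA and beaconing detection, and event-rarity style profiling without showing what those analytics compute. The following is an added example written for this page, not Securonix's or Cloudera's code: the proxy log in SAMPLE_LOG, the host names, the reserved `.example` domains and every threshold are constructed and illustrative, and the second-to-last DNS label stands in for a proper public-suffix lookup. It shows why the composite matters: a software updater beacons just as regularly as malware, so a regular pattern alone ranks low, and only the combination of a beacon with a machine-looking domain puts a host at the top of the list.

```python
"""Toy beaconing detector, DGA-style domain scorer and entity risk score.
Added example for this page; not Securonix or Cloudera code."""
import math
import statistics
from collections import Counter, defaultdict
from datetime import datetime

# Constructed proxy log: "<ISO timestamp> <source host> <destination domain>".
# ws-017 contacts a random-looking domain every 300 s, ws-042 polls a
# legitimate-looking updater every 600 s, ws-101 browses at irregular times.
SAMPLE_LOG = """\
2016-06-01T10:00:00 ws-017 kq3x9vz7lp2m.example
2016-06-01T10:05:00 ws-017 kq3x9vz7lp2m.example
2016-06-01T10:10:00 ws-017 kq3x9vz7lp2m.example
2016-06-01T10:15:00 ws-017 kq3x9vz7lp2m.example
2016-06-01T10:20:00 ws-017 kq3x9vz7lp2m.example
2016-06-01T10:25:00 ws-017 kq3x9vz7lp2m.example
2016-06-01T10:00:00 ws-042 updates.example.com
2016-06-01T10:10:00 ws-042 updates.example.com
2016-06-01T10:20:00 ws-042 updates.example.com
2016-06-01T10:30:00 ws-042 updates.example.com
2016-06-01T10:40:00 ws-042 updates.example.com
2016-06-01T10:00:00 ws-101 news.example.net
2016-06-01T10:01:13 ws-101 news.example.net
2016-06-01T10:07:45 ws-101 news.example.net
2016-06-01T10:20:02 ws-101 news.example.net
2016-06-01T10:20:10 ws-101 news.example.net
"""


def parse_log(text):
    """Return a list of (timestamp, host, domain) tuples, skipping blank lines."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ts, host, domain = line.split()
            events.append((datetime.fromisoformat(ts), host, domain))
    return events


def shannon_entropy(s):
    """Bits of entropy per character of the string s."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def dga_score(domain):
    """Score 0-3 for how machine-generated the registrable label looks.
    Assumption: the second-to-last label is the registrable one (no public
    suffix list); the thresholds are illustrative, not tuned on real data."""
    labels = domain.lower().split(".")
    label = labels[-2] if len(labels) > 1 else labels[0]
    digits = sum(ch.isdigit() for ch in label) / len(label)
    vowels = sum(ch in "aeiou" for ch in label) / len(label)
    score = 0
    if shannon_entropy(label) >= 3.3:       # many distinct characters
        score += 1
    if digits >= 0.2:                       # digits mixed into the name
        score += 1
    if vowels <= 0.2 and len(label) >= 8:   # long and unpronounceable
        score += 1
    return score


def detect_beacons(events, min_events=5, max_cv=0.1):
    """Return {(host, domain): period_seconds} for pairs whose inter-arrival
    times are nearly constant (coefficient of variation <= max_cv)."""
    stamps = defaultdict(list)
    for ts, host, domain in events:
        stamps[(host, domain)].append(ts)
    beacons = {}
    for pair, times in stamps.items():
        if len(times) < min_events:
            continue
        times.sort()
        deltas = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(deltas)
        if mean > 0 and statistics.pstdev(deltas) / mean <= max_cv:
            beacons[pair] = round(mean)
    return beacons


def entity_risk(events):
    """Entity-centric score per host: a regular pattern alone scores 1
    (updaters beacon too), a DGA-looking domain alone scores 1, and the
    combination adds 2 more so that host is triaged first."""
    beacons = detect_beacons(events)
    pairs = {(host, domain) for _, host, domain in events}
    risk = defaultdict(int)
    for host, domain in pairs:
        is_beacon = (host, domain) in beacons
        is_dga = dga_score(domain) >= 2
        risk[host] += int(is_beacon) + int(is_dga) + (2 if is_beacon and is_dga else 0)
    return {host: score for host, score in risk.items() if score}


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for pair, period in detect_beacons(evs).items():
        print("beacon", pair, "every", period, "s")
    print("risk", entity_risk(evs))
```

On the constructed log, both ws-017 and ws-042 are flagged as beacons (periods 300 s and 600 s), but only ws-017 contacts a domain with a high DGA score, so it ends with risk 4 against 1 for the updater host and nothing for the irregular browser; that ordering is what "Prioritized Threats" on slide 20 is meant to give an analyst.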

Editor's Notes

  1. Good morning, good afternoon, and good evening. Thank you for joining us for today’s webinar: Delivering User Behavior Analytics at Apache Hadoop Scale, A New Perspective on Cybersecurity with Securonix and Cloudera.
  2. Today’s webinar will have three sections: a higher level industry overview, followed by a deeper dive into SNYPR. A Q&A portion will take place toward the end of today’s webinar. To ask a question, just type it in the chat box at the lower left corner of your window and submit. NEXT SLIDE
  3. Your speakers for today’s webinar are Rocky DeStefano, Cloudera’s Cybersecurity Subject Matter Expert, and Tanuj Gulati, Co-Founder and Chief Technology Officer of Securonix. I will now turn it over to Rocky.
  4. CDH
  5. A starting point on files: PDF, EXE, JAVA, PCAP, PE Files, RAR, ZIP, SWF, MS Office, RTF, MHTML, YARA, Mach-O, XOR