nathan-burke
Intelligent Security Orchestration and Automation hexadite.com
2017
Solving the Cybersecurity Capacity Problem
Overview
• About Hexadite
• Today’s Incident Response Challenge
• Intelligent Security Automation & Orchestration
• Customer Highlights
About Hexadite
STATS
FOUNDED: 2014
HEADQUARTERS: Boston
R&D: Tel Aviv
INDUSTRIES COVERED
• Telecom
• Retail
• Media
• Insurance
• Financial Services
• Technology
• Energy
• Manufacturing
INVESTORS
HIGHLIGHTED CUSTOMERS
FOUNDERS
Led by ex-military intelligence IR experts, who have run SOCs/CIRTs and trained cyber analysts globally for over a decade.
• Eran Barak, CEO
• Barak Klinghofer, CPO
• Idan Levin, CTO
From Alert to Remediation in Minutes at Scale.
Top IR Challenges
• People: Worldwide cyber skills gap and huge variance in skills
• Process: Time to investigate an alert then remediate it is slow
• Technology: Complex environments and too many alerts to handle
Too Many Alerts, Too Few Resources
< 500: 5%
500 – 1,000: 10%
1,001 – 5,000: 27%
5,001 – 10,000: 28%
10,001 – 15,000: 21%
15,000+: 9%
*Source: Security Orchestration and Automation: Closing the Gap in Incident Response – ESG Research
• 58% of companies get more than 5,000 alerts per month
• Where do you fit?
• What is being missed?
• One cyber analyst can handle roughly 10 alerts per day
• An analyst can only focus on one alert at a time
• That’s 300 per month (but they generally take weekends off)
• Mean time to alert
• Mean time to investigation
• Mean time to remediation
Intelligent Security Orchestration and Automation
Intelligent Security Automation and Orchestration
Customer Success: Nuance
“When we first saw the technology from Hexadite, it seemed too good to be true. We tried the product, and it all came true—it solved our problems and greatly reduced costs.”
Doug Graham, CISO
• Endless loop of tuning, correlating, and tuning again
• IT and security wasted time diagnosing issues
• With lean staff they resorted to re-imaging machines
• Stopped spending time re-imaging
• Saw a 95% automation rate
• Continue automating new use cases
ABOUT
• Technology Industry
• 10,000 Endpoints
REQUIREMENTS
• Force multiplier for investigation and remediation
• Automate what is currently being done by people
Customer Success: IDT
“Hexadite was able to go in right away, give us results and help me solve my security challenges.”
Golan Ben-Oni, Global CIO
• Took up to 15 minutes for alert correlation
• Team bogged down investigating alerts with high false positives
• Tried writing scripts to automate, but wasn’t maintainable / integrated
• Replaced scripts with full automation
• Able to focus people on strategic items
• Investigate in less than half the time
ABOUT
• Telecommunications
• 16,000 Endpoints
REQUIREMENTS
• Force multiplier for investigation and remediation
• Automate what is currently being done by people
890
6
$170,000
15
Based on your inputs, you spend $1,020,000 annually to investigate 10% of your alerts. You are paying $44.97 for every investigated alert.
With More Analysts
If you were to investigate 100% of your alerts without automation, you would need 59 cyber analysts to manually investigate your alerts.
COST ANNUALLY FOR 59 ANALYSTS: $10,086,666.67
COST PER INVESTIGATED ALERT: $31.05
With Automation
Using automation, you'll be able to investigate 100% of the alerts you receive from detection systems. Using 5% of the cost of hiring 59 analysts.
ANNUAL AUTOMATION COST: $504,333.00
ANNUAL STAFF COST: $1,020,000.00
COST PER INVESTIGATED ALERT: $4.69
Why Hexadite AIRS
• Threat Intelligence Cloud
• Cross Platform collection and remediation
• Visualization framework
• Utilizing your ecosystem
• Time to value (Days)
What Customers Get
Increased Capacity
• Respond at the speed of automation
• Investigate and remediate all alerts automatically
• Free up critical resources to work on strategic initiatives
Lower Costs
• Takes away manual, repetitive tasks
• Automated remediation eliminates downtime
• Retain tier 1 and 2 analysts
Immediate ROI
• Get the full value of detection systems and people
• Up and running in hours, results are instant
• Stronger overall security