Upload
alienvault
View
430
Download
2
Embed Size (px)
DESCRIPTION
The Evolving Security Market SIEM: The Failed Strategy USM - Can 11,000 customers be wrong? Architecting the Perfect Sale with AlienVault
Citation preview
Channel Partner Training: “So Many Security Products to Sell to My Customers…So Why AlienVault? Why Now?”
JUSTIN ENDRESSVP OF WORLDWIDE SALES
BEFORE WE GET STARTED…
* General Housekeeping
* Today’s session is interactive!We have 1 hour together so please Ask Questions!!!We’ll try to provide answers in context as we go along
* Today’s session is being recordedRecorded session will be sent to all attendees to distribute
AGENDA
• The Threat Landscape: Our NEW Reality• Are companies spending on IT Security?• SIEM: ”A Failed Strategy”• USM - Can 11,000 customers be wrong?• Architecting the Perfect Sale with AlienVault• Questions & Answers
ARE CUSTOMERS SPENDING ON IT SECURITY?
YES…and spending a lot. Some might suggest “Too Much”
“Network Security spending to surge in 2014” – ZDNet- 62% of organizations expect to increase spend from 2013 to 2014- 63% of organizations want to improve threat detection monitoring- 57% of organizations want to buy from 1 vendor to simplify management
Despite the $67.2 Billion spent on IT security (Gartner) in the US alone eachyear – are we gaining on the problem?
• More and more organizations are finding themselves in the crosshairs of various bad actors for a variety of reasons.
• The number of organizations experiencing high profile breaches is unprecedented.
• The “security arms race” cannot continue indefinitely as the economics of securing your organization is stacked so heavily in favor of those launching attacks that incremental security investments are seen as impractical. We must turn the tables.
THREAT LANDSCAPE: “OUR NEW REALITY”
• Organizations (mid-market AND enterprise) are demanding solutions that are scalable, cost effective, and manageable.
• Enterprises are shifting spend toward consolidated solutions that offer better integration, manageability and economic leverage. (example UTM)
• Organizations are looking to augment their own in-house expertise with a vendor who continues to offer their teams insight into issues across the threat landscape
THREAT LANDSCAPE: “OUR NEW REALITY” ‘conti nued’
84%of organizations breached
had evidence of the breach in their log files…
DESPITE THE BILLIONS SPENT…
** Mandiant MTrends 2013 Threat Report
Source: Verizon 2013 Data Breach Investigations Report
…VENDORS ARE FAILING CUSTOMERS
IN THE PAST YEAR…
• 90% of US businesses suffered some sort of hacking attack*
• 77% of victims attacked more than once*
• 198 US nuclear and power facilities attacked**
• $120B in damages to US businesses due to cybercrime***
• $1 Trillion in intellectual property worldwide stolen*
We’ve seen the stats; HOWEVER what’s lost of most is the SOPHISTICATION of these attacks
…“BAD ACTORS” ARE MORE DANGEROUS THAN EVER
* = http://www.clubcloudcomputing.com/2013/01/infographic-on-hacking-statistics/** = http://money.cnn.com/2013/01/09/technology/security/infrastructure-cyberattacks/*** = http://mcaf.ee/1xk9a
TRADITIONAL SECURITY COMPLEX, EXPENSIVE
GIVEN THE 10 MOST RECOMMENDED TECHNOLOGIES AND THE PRICING RANGE, AN ORGANIZATION COULD EXPECT TO SPEND ANYWHERE FROM $225,000 TO $1.46M IN ITS FIRST YEAR, INCLUDING TECHNOLOGY AND STAFF.
SOURCE: THE REAL COST OF SECURITY, 451 RESEARCH, APRIL 2013
FACTOR INTO THIS:INITIAL LICENSING COSTSIMPLEMENTATION / OPTIMIZATION COSTSONGOING MANAGEMENT COSTSRENEWAL COSTS INTEGRATION OF ALL SECURITY TECHNOLOGIESTRAINING OF PERSONNEL/INCOMING PERSONNEL
HAS SIEM DELIVERED SECURITY “VISIBILITY”?
77% of organizations
DON’T believe that SIEM solutions are delivering
the value promised.
These same companies believe it’s the product/vendor. Is it possible that neither are to blame? Could it be the approach?
SO WHY ARE SIEM SOLUTIONS FAILING?
• High price-tag makes SIEM cost-prohibitive for most.-- Ok, but what about those who can afford it?
• Events alone do not provide enough context to combat today’s threats. -- Continuous threat data is needed, more context needed
• Complex usability directly contribute to high costs associated to ongoing management
-- Dedicated resources are needed for all SIEM vendor solutions. Remember the target market.
• Integration of multiple technologies challenging-- Ok, but once they are all integrated; that shouldn’t be a concern right?
THE “BIGGEST” REASON SIEM SOLUTIONS FAIL?• CORRELATION is left up to the end user to own. SIEM vendors DON’T help here.
What’s worse – they CAN’T.
Remember this Graph? During the evaluation the vendor does:
• The deployment of the SIEM• Integration of all the data sources• Builds the correlation rules for the customer• Develops the reports for the customer• Leverages ‘point in time’ threat data • Manages the system
So what’s wrong with that?Nothing…as long as the vendor remains onsite; otherwise the cycle continues.
“PLEASE…NOT ANOTHER SECURITY PRODUCT.”
PRODUCT OVERVIEW
UNIFIED SECURITY MANAGEMENT THE COMPLETE SET OF INTEGRATED TOOLS, CROWD-SOURCED
THREAT INTELLIGENCE & PROPRIETARY SECURITY RESEARCH SECURITY MADE UNIFIED, SIMPLE AND AFFORDABLE
UNIFIED SECURITY MANAGEMENT
Unified SecurityManagement
5 Essential Capabilities for Unified Security Management
AssetDiscovery
Vulnerability Assessment
Threat Detection
BehavioralMonitoring
SecurityIntelligence
• All of this value combined into one solution• Priced for any budget• Designed for any type of user• Continually updated with the latest threat intelligence • Supported by a community of security peers and experts
Security Intelligence through integration we do, not your end-user
Security Intelligence
Asset Discovery
VulnerabilityAssessment
Threat Detection
BehavioralMonitoring
powered by AV Labs Threat
Intelligence
USM • Active Network Scanning• Passive Network Scanning• Asset Inventory• Host-based Software
Inventory
• Continuous Vulnerability Monitoring
• Authenticated / Unauthenticated Active Scanning
• Log Collection• Netflow Analysis• Service Availability Monitoring
• SIEM Event Correlation• Incident Response
• Network IDS• Host IDS• Wireless IDS• File Integrity Monitoring
USM PRODUCT CAPABILITIES
OTX: WORLD’S LARGEST OPEN THREAT EXCHANGE
8,000 collection points in 140+ countries
100,000 malicious IPs validated every day
500,000 malware samples analyzed per day
• Sell through large MSSPs (Telcos)
Enterprise ClassFull Security Staff
Enterprise ClassMid Market and Departmental
Enterprise
Limited Security Staff
• MSSPs• Cloud providersSMB
No Security Staff
AlienVault Community
Engaged community of customers, open source users and threat sharingcontributors
WE SERVE ALL MARKETS: ENTERPRISE PRODUCT AT AN AFFORDABLE PRICE
There are millions of mid-market organizations around the world• $50M to $500M in revenue• 500 to 5,000 employeesWe also serve organizations of any size that lack:
⇾ Sufficient staff⇾ Security expertise
⇾ Technology⇾ Budget
CUSTOMERSMSSPs End-User Customers
OUR COMPANY
Experienced Management Team
$66.4M in Financing
Our MissionTo build security products for the underserved mid-market
Engage AlienVault Early/Often
Inside of a Deal Cycle:• Register deals early to lock in additional margins• Leverage AlienVault Pre-Sales Engineers to support your demo• Leverage AlienVault Pre-Sales Engineers to conduct evaluations
Other Engagements:• Training for your internal sales team• Marketing events in your region• Webcasts/Joint-Webcasts to support lead generation within your customer base• Online Marketing campaigns/templates
www.alienvault.com
30-Day Free Trial(Fully featured)
THANK YOU