ANITIAN
Why Sherlock?
• Target CIO Beth Jacob was “fired” from Target in 2014 because of a major breach
• There was ample evidence of the breach, but nobody responded to it
• There is ample technology to detect breaches
• Somebody must analyze the data
• Vital threat intelligence is not getting communicated to leadership
intelligent information security
Anitian Sherlock puts actionable threat intelligence into the hands of leadership to fuel rapid response
Sherlock Vision Statement
“Fight back with intelligence”
Sherlock Mission Statement
“Empower leadership with actionable threat intelligence”
What is Sherlock?
• We analyze the security data in your environment for evidence of compromise
• We find the breach before it causes damage
• We reduce the dwell time of an attacker
• Analysis in context of latest threat intelligence
• Sherlock Top 5 Threat Intelligence Report
• Focuses you and your people on the threats that really matter
How Sherlock Works
• Our “Sherlocks” hunt through your environment looking for evidence of compromise
• Our Tactics:
  • Alerts: Automated alerts that tip off our team
  • Hunt: Clues to a breach we search for
  • Case: An issue we are tracking in your environment
  • Campaign: A collection of cases that share similar attributes
Sherlock Threat Intelligence
• We collect, normalize, and refine threat intelligence from numerous sources
• Intelligence is filtered to suit your business
• Augment the intelligence with our 20+ years of experience with security operations
• We configure the tools to seek out evidence of attacks, breaches, or compromise
• Machine intelligence + human intelligence = Sherlock
Service Options
• Intelligence Analysis
• Sherlock Stack
• Advanced Forensics
• Incident Response Retainer
• Penetration Testing
• Risk Assessment
Stack Technology
• Fortinet: NGFW, IDS/IPS, Sandboxing
• Cylance: Advanced endpoint breach detection
• Splunk: SIEM
• Darktrace: Advanced network forensics
• Click Security: Advanced reporting and analytics
• Websense: Data loss prevention, web security
• Nessus: Vulnerability management
• NNT: Change management
Packages
• Sherlock.A: Analytics
• Sherlock.AS: Analytics + Stack
• Sherlock.ASF: Analytics + Stack + Deep Forensics
• Sherlock.CRM: Continuous Risk Management
• Sherlock.H: Healthcare industry package
• Sherlock.E: Energy industry package
• Sherlock.SecOps: Security operations package
Additional Sherlock Services
Anitian can provide add-on services:
• RiskNow Rapid Risk Assessment
• Network & Application Layer Penetration Testing
• PCI Compliance assessments
• SOC2 audits
• Code review
Benefits
• Deep analysis and threat intelligence
• Simple, hands-off
• Actionable reports, no dizzying dashboards
• Dedicated analyst
• Data stays with you, no co-mingling
• You own the technology
• Most experienced security intelligence team in the world
The Team
• SANS-trained analysts
• Focused on you
• Dedicated person (with backups)
• Hands-on tech people
• Senior analysts and forensic auditors available on demand
Resource Requirements
• 5-10 days for setup of stack
• 5-10 days of tuning
• Reports begin flowing in 10-20 days
• Less than 1 hour per week to review reports
The Game is On
Protect your data, your business, and your job with Sherlock.
It’s elementary.
anitian.com