Top Banner
EventLog Analyzer Siddharth Sharathkumar
11

Decrypting the security mystery with SIEM (Part 2)

Apr 05, 2017

Download

Technology

ManageEngine ADSolutions
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Decrypting the security mystery with SIEM (Part 2)

EventLog AnalyzerSiddharth Sharathkumar

Page 2: Decrypting the security mystery with SIEM (Part 2)

2

Security and Auditing

One SIEM solution to rule them all.

Page 3: Decrypting the security mystery with SIEM (Part 2)

GUARDING NETWORK PERIMETERAuditing your network devices

Page 4: Decrypting the security mystery with SIEM (Part 2)

Is someone accessing something they shouldn't be allowed to?

Denied connections Traffic allowed

Firewall rule change

But how?

Page 5: Decrypting the security mystery with SIEM (Part 2)

SECURING BUSINESS CRITICAL APPLICATIONS

Page 6: Decrypting the security mystery with SIEM (Part 2)

Comprehensively audit web server errors

Request access to

web server

Request failed Too many errors?

Bad gateway errors?

Do I need to revamp my resources?

Or is someone up to no good?

Repeated requests

Page 7: Decrypting the security mystery with SIEM (Part 2)

CUSTOM LOG PARSER

Page 8: Decrypting the security mystery with SIEM (Part 2)

Threat Intelligence

You sha;; not pass YOU SHALL NOT PASS!!!

Page 9: Decrypting the security mystery with SIEM (Part 2)

Preventive security solutions alone aren't going to be enough9

Page 10: Decrypting the security mystery with SIEM (Part 2)

Backtracking a security attack

Page 11: Decrypting the security mystery with SIEM (Part 2)

THANK YOU Queries?


Related Documents
Reversing and decrypting communications of apt malware

Reversing and decrypting communications of apt malware

Category: Technology
decrypting fibonacci and lucas sequences

decrypting fibonacci and lucas sequences

Category: Documents
Decrypting Cryptogenic Epilepsy: Machine Learning Methods ...

Decrypting Cryptogenic Epilepsy: Machine Learning Methods...

Category: Documents
Decrypting the Online Panelist

Decrypting the Online Panelist

Category: Documents
Decrypting Substitution Ciphers with Genetic Algorithmsjkenwood/JasonBrownbridge.pdf · Decrypting Substitution Ciphers with Genetic Algorithms Jason Brownbridge Department of Computer

Decrypting Substitution Ciphers with Genetic...

Category: Documents
Trustwave SIEM LP Software and SIEM Operations Edition ... … · Trustwave SIEM Software and SIEM Operations Edition Security Target 2 DOCUMENT INTRODUCTION Prepared By: Common Criteria

Trustwave SIEM LP Software and SIEM Operations Edition ........

Category: Documents
Decrypting Crypto -Colonialism and unveiling the Mask of ...

Decrypting Crypto -Colonialism and unveiling the Mask of ...

Category: Documents
Decrypting DPAPI data - Black Hat Briefings

Decrypting DPAPI data - Black Hat Briefings

Category: Documents
DPAPI and DPAPI-NG: Decrypting All Users' Secrets and PFX ... · DPAPI and DPAPI-NG: Decrypting All Users' Secrets and PFX Passwords @paulacqure @CQUREAcademy CONSULTING Paula Januszkiewicz

DPAPI and DPAPI-NG: Decrypting All Users' Secrets and PFX...

Category: Documents
BlueCoat Decrypting SSL

BlueCoat Decrypting SSL

Category: Documents
DECRYPTING CRYPTO-FUNDS: THE KEY QUESTIONS... · 2020-06-22 · 2 CLIFFORD CHANCE DECRYPTING CRYPTO-FUNDS: THE KEY QUESTIONS DECRYPTING CRYPTO-FUNDS: THE KEY QUESTIONS Many of the

DECRYPTING CRYPTO-FUNDS: THE KEY QUESTIONS... ·...

Category: Documents
Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys · Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys Mathy Vanhoef iMinds-DistriNet, KU Leuven Mathy.Vanhoef@cs.kuleuven.be

Predicting, Decrypting, and Abusing WPA2/802.11 Group...

Category: Documents