SOC SECURITY ANALYTICS - PowerPoint PPT Presentation

A significant portion of information security efforts focuses on monitoring and analyzing data about events on networks, servers and other devices. Advances in big data analytics are now applied to security monitoring to enable both broader and more in-depth analysis. For Leo TechnoSoft's Intelligence Driven SOC, big data security analytics and analysis is an extension of security information and event management (SIEM), CASB, PIM and related technologies. The quantitative difference in the volumes and types of data analyzed results in qualitative differences in the types of information extracted from security devices and applications, and hence in the possible alerts/alarms.


2
  • Leo TechnoSoft's Intelligence Driven SOC's big
    data security analytics is designed to collect,
    integrate and analyze large volumes of data in
    near real time, which requires several additional
    capabilities like User Context Correlation,
    Security Control Visibilities like IFC, FISMA,
    ISO, and discovering patterns between Devices,
    Identity, Data and Context together.
  • Five key features distinguish big data security
    analytics from other information security
    domains.

3
KEY FEATURES
  • Scalability and User Context Correlation
  • One of the key distinguishing features of Leo
    TechnoSoft's Intelligence Driven SOC Security
    Analytic is scalability. The platforms have the
    ability to collect data in real or near real
    time. Network traffic is a continual stream of
    packets that can be analyzed as fast as they are
    captured. The analysis tool doesn't depend on a
    lull in network traffic to catch up on a backlog
    of packets to be analyzed. The analysis provides
    the ability to correlate events across time and
    space, which means the stream of events logged by
    one device, such as a Web server, may be highly
    significant with respect to events on an end-user
    device a short time later.

4
Reporting and visualization Security
Compliance 
  • Another essential function of Leo TechnoSoft's
    Intelligence Driven SOC Security Analytic is
    reporting and support for analysis. Security
    professionals have on-demand reporting to support
    operations and compliance dashboards. They also
    have access to dashboards with preconfigured
    security indicators to provide high-level
    overviews of key performance measures/indicators.
    Visualization presents information derived from
    big data sources in ways that can be readily and
    rapidly identified by security analysts. Leo
    TechnoSoft's Intelligence Driven SOC Security
    Analytic uses visualization techniques to help
    analysts understand complex relationships in
    linked data across a wide range of entities, such
    as websites, users and HTTP transactions.

5
Information context
  • Since security events generate so much data,
    there is a risk of overwhelming analysts and
    other infosec professionals and limiting their
    ability to discern key events. Leo TechnoSoft's
    Intelligence Driven SOC Security Analytic frames
    data in the context of users, devices and events.
  • Data without this kind of context is far less
    useful, and can lead to higher than necessary
    false positives. Contextual information improves
    the quality of behavioral analysis and anomaly
    detection. Contextual information includes
    somewhat static information, such as the fact
    that a particular employee works in a specific
    department. It also includes more productive
    information, such as typical usage patterns that
    can be subject to change over time.