gtcw13 security silicon to seattle - stephen poeppe
TRANSCRIPT
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
1/20
McAfee Delivers Intelligent SecuritySecurity: Silicon to Satellite foundation level requirements
for Services, Communication and Compliance
Stephen Poeppe
Sales Engineer
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
2/20
IT Forces Impacting Government 2.0
DATA CENTERTRANSFORMATION
NEXTGENERATION
ENDPOINT
WEB ANDIDENTITY
NEXT GENERATIONNETWORK
2
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
3/20
Inherent Complexity
Encryption
Next
Gen IPS
Identity andAccess Control
Data Protection
Data LossPrevention
Cloud
Virtualization
Servers /Networks
DatabaseSecurity
EmailProtection
Social MediaProtection
Identity Protection
WebProtection
BYOD / Mobile Enable the Workforce
Identity
Protect Devices
OS Protection (Legacy,Win 7/8, Android, Mac)
ReportingProtect IP
App Protection
Continuous Monitoring
Exploding Data
Achieve CyberReadiness
DATA CENTERTRANSFORMATION
NEXTGENERATION
ENDPOINT
WEB ANDIDENTITY
NEXT GENERATIONNETWORK
3
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
4/20
Compounded by Business Constraints
Encryption
NextGen IPS
Identity andAccess Control
Data Protection
Data LossPrevention
Cloud
Virtualization
Servers /Networks
DatabaseSecurity
EmailProtection
Social MediaProtection
Identity Protection
WebProtection
BYOD / Mobile Enable the Workforce
Identity
Protect Devices
OS Protection (Legacy,Win 7/8, Android, Mac)
ReportingProtect IP
App Protection
Continuous Monitoring
Exploding Data
Achieve CyberReadiness
DATA CENTERTRANSFORMATION
NEXTGENERATION
ENDPOINT
WEB ANDIDENTITY
NEXT GENERATIONNETWORK
DECREASED/FLATBUDGETS
LIMITED ORUNTRAINEDRESOURCES
UNPLANNEDCOMPLIANCE
AND REPORTINGREQUIREMENTS
CHANGINGBUSINESSDEMANDS
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
5/20
CAN?
The Security Dilemma
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
6/20
How to Optimize Your Investment
CAN?
HOW?
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
7/20
OPTI
(~4% of IT Bud
COMPLIANT/PROACTIVE
(~8% of IT Budget on Security)
REACTIVE
(~3% of IT Budget on Security)
SECURITY OPTIMIZATION
Security Posture
TCO (CapEx +)
The Drive to OptimizeThe Maturity Model of Enterprise Security
7
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
8/20
1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0
1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
INTEGRATED AND
INTELLIGENTSOLUTIONS
REAL TIME
SITUATIONALAWARENESSAND RESPONS
Security ConnectedDelivering an Optimized Security Capability
8
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
9/20
McAfee
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
10/20
McAfee
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
11/20
McAfee
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
12/20
McAfee
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
13/20
McAfee
Use Case # 1 - Outage Prevention
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
14/20
McAfee
Use Case # 1 - Outage Prevention
" I now have the most
time view of theenvironment, rather talways looking l ike I wlast to know" .
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
15/20
McAfee
Use Case # 2- Blacklisted Applications
All systems now clea
blacklisted applicatio
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
16/20
McAfee
Use Case # 2- Blacklisted Applications
All systems now clea
blacklisted applicatio
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
17/20
McAfee
Other questions you can ask
Get Installed Applications contains * from a
Get OS from all machines
Who is logged in and running a particular p
What are the hashes of files that are conneknown bad IP address?
Get McAfee File reputation from all machin
Get McAfee HIPS Status from all machines
Get Open Port[80] from all machines
Get established connections to external IP
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
18/20
McAfee
and actions you can take
Stop and start processes or services
Add or delete files
Read or modify registry keys
Install, patch, update, or remove applicatio
Anything else you can think of that you canon a command line or shell!
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
19/20
Security Connected Platform Vision
COUNTERMEASURES
AND INTEGRATION
CONTEXT AND ORCHESTRATION
SECURITY MANAGEMENT
ANALYTICS
THREAT INTELLIGENCE
19
-
7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe
20/20