MCAFEE CONFIDENTIAL
How to maintain business equally secured in corporate network and cloud
• Adaptive Security Architecture
• CASB - Cloud Access Security Broker
Harri Hämäläinen | Territory Manager, Finland & Baltics
Top 3 Security Concerns and Desired Outcomes
Customer Concerns
• How can I better protect and detect threats faster?
• How can I gain improved contextual visibility to threats in my environment and respond?
• How can I reduce IT security complexity and minimize operational burden?
Desired Outcomes
• Outsmart Attackers: Comprehensive threat defense to combat pervasive threats
• Drive Efficiency: Increase capacity & reduce complexity via shared intelligence, an adaptive architecture and streamlined workflows
• Discover & Respond Faster: Contextual defenses to quickly expose, hunt, and remediate advanced threats
Security’s Perfect Storm
The continued need for an efficient security framework
• Time Imperative: Comprehension and response cannot happen fast enough
• Increasing Complexity: Threats continue to rise while mobility and cloud erode our control
• Resource Constraints: There are not enough people or $$$ to throw at the problem
Is there a Silver Bullet?
No! ☺
We must Cooperate!
THE SECURITY CONNECTED FRAMEWORK: ADAPTIVE SECURITY ARCHITECTURE
Data Exchange Layer
An innovative, real-time, bi-directional communications fabric providing product integration simplicity.
Security components operate as one to immediately share relevant data between endpoint, gateway, and other security products, enabling security intelligence and adaptive security.
[Diagram labels: Asset, Threat, Identity, Activity, BPM, Risk, Data, Location]
Data Exchange Layer
Make smarter decisions, faster, with unified components and streamlined communication
Disjointed API-Based Integrations
Result:
• Slow, heavy, and burdensome
• Complex and expensive to maintain
• Limited vendor participation
• Fragmented visibility
Collaborative Fabric-Based Ecosystem (DXL)
Result:
• Fast, lightweight, and streamlined
• Simplified and reduced TCO
• Open vendor participation
• Holistic visibility
DXL Ecosystem Today
[Figure: partner ecosystem grouped as Connected Today, In Testing or Development Today, and In Design. Labels: SIA Partners, POC]
Skyhigh Cloud Access Security Broker enables organizations to accelerate their business by giving them total control over their data in the cloud
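Where is your sensitive data today?
[Pie chart. Segments: Salesforce, Office 365, Google Docs (2%), Slack (2%), AWS, Custom Apps, Box, ServiceNow, High-Risk Shadow, Med/Low-Risk Shadow. Remaining segment values, not matched to labels in this transcript: 5%, 5%, 11%, 13%, 7%, 8%, 31%, 16%]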
©Skyhigh Networks. All rights reserved. Skyhigh Confidential.
Network security fails to protect data in the cloud & mobile
Data created natively in cloud is invisible to network security
Data uploaded to cloud from mobile is invisible to network security
50% of cloud traffic is cloud-to-cloud and invisible to network security
Two insufficient approaches to protecting data in the cloud
[Comparison table. Labels: API, Proxy, Agent, CASB. Criteria: Real time; Complete coverage (Data at rest, Data uploaded, Data created in cloud, Standard apps, Certificate pinned apps)]
Skyhigh’s unique approach
One platform with unified policies across cloud services
• Components: Lightning Link, Sky Gateway, Ground Link, Sky Link
• Real time
• Complete coverage: Data at rest, Data uploaded, Data created in cloud, Standard apps, Certificate pinned apps
• No new agents
• No friction
• Cloud services covered: SaaS, Shadow IT, IaaS, Custom Apps
Mass migration to the cloud
[Diagram labels: Employees, Partners, Customers, Vendors; Managed, Unmanaged; On-Network, Off-Network]
Expert Driven Analytics – McAfee Investigator
• Human and Machine Teaming
Human and Machine - An Unbeatable Force
• The volume of alerts/logs is overwhelming and teams can only scale so far... that’s where McAfee Investigator can help!
• McAfee Investigator can…
  • Discover decisive insights at machine speed
  • Guide investigations that lessen the skills gap and reduce incident response time
  • Scale analysts’ capacity and expertise in attack investigations.
McAfee Investigator
• The Power of Human and Machine Teaming
Investigator collects over 4000 pieces of evidence that are applicable to this case…
Then applies expert guidance and iterative analytics to summarize down to 28 pieces of evidence!
In Summary:
McAfee Investigator empowers incident responders to fully investigate malware, network threats and IOCs in less time, with increased accuracy, using automation, human expertise, and machine learning.
✓ Discovers decisive insights for SOC analysts
✓ Guides investigations for fast and effective resolution
✓ Scales analysts’ capacity and expertise.