Threats That Can Go Unnoticed
Securonix Latinoamérica
Luis Guzmán
Senior Sales Engineer
Javier Rodríguez
Sales Director
Policy-based security
With Securonix…
Insider: current employees, terminated employees, contractors, vendors, suppliers, etc.
Tech Indicators
• Email
• USB
• CD/DVD
• Print
• Uploads to an external network
Analytical Approach
Who? (Personal Risk Indicator)
• Watch list Users
• Bad performance review
• Upcoming termination
• Flight risk users
• Employee code of conduct
• Employee Type (Contractor Vs. Employee)
+
What? (Risk Boosters)
• Internal Sensitive Documents
• Critical files downloaded from SharePoint
• Blueprints
• High value extension files
• Source code
+
Where? (Exfiltration)
• Recipient analysis
• Personal Email address
• Competitor domain
• Non-business domain
• Non approved USB devices
• Mass storage
• BCC and Forwards
Behavior Analytics
• Flight Risk: predictive analytics
• Behavior algorithms:
• Event Rarity
• Peak Usage
• Peer outlier
• Cross channel data egress
• Document Discovery
Analytical Approach
Who? (Inherent Risk Indicator)
• Watch list Users
• Administrators
• High Privileged Users
• Flight risk users
• Non-privileged users
• Contractors
+
What? (Privileged activity)
• Privileged activity on Database
• Privileged activity on Servers
• Privileged activity on Applications
• Authentication anomalies
• Insecure file transfer activity
• Circumventing IT controls
• Multiple host access within a short time frame
+
Where? (Critical assets)
Databases, applications, servers and routers/switches classified as critical due to:
• SOX / HIPAA / PCI Compliance
• Customer confidentiality
• Intellectual property
• Critical business function
Behavior Analytics
• Unusual authentication anomaly
• Behavior algorithms:
• Event Rarity
• Peak Usage
• Peer outlier
• Access Anomalies
• File transfer anomalies
© 2018 Securonix. All Rights Reserved. Confidential.
SNYPR demo
Thank you!