Directions Re the meeting: http://crime.zotconsulting.com/directions.php3

Speaker(s): Jeff Cole and Scott Lupro -- SilentRunner, Inc.

Title: Network Security Analysis - from the war room to the board room

Topic: As the line continues to blur between external and internal network security threats, a new network defense layer, Network Security Analysis has emerged as a strategic security decision-support tool, providing an unprecedented view into what's really happening on the network.

Network Security Analysis (NSA) provides organizations an unmatched analysis of what is happening to their data, inside and outside the perimeter, by producing information that is critical in making strategic security related decisions. Evolved from signals-intelligence-based technology, NSA has emerged to expedite strategic decision-making within business and law enforcement. The basis of these tools lies in formerly classified technology, which correlates remote and internal communications and data into critical decision-making information. When combined with advanced visualization technology, organizations are further empowered to solve complex security problems by expediting management decision-making efforts.

Designed, in part, to supplement and extend traditional perimeter security tools such as IDS and Firewalls, Network Security Analysis (NSA) cost-effectively strengthens the perimeter, while guarding the soft underbelly of the inside network. For example, NSA will audit an IDS system, perform Intrusion Tracking and assess Intrusion Damage. NSA will improve the effectiveness of an IDS system, by quickly sorting out false positives from true malicious events, and provide a means to identify new attack signatures for quick update to Firewall and IDS signature databases. Whereas an IDS system is metaphorically like the car alarm which trips off in the parking lot and nobody pays attention, NSA is the security camera which records and validates true incidents.

Network Security Analysis applications include: Incident Response, Forensics Investigations (both real time and post), Virtual Network sequencing and mapping, Policy visualization, and the graphical analysis/correlation of IDS, Firewall and other logs. NSA provides closed circuit television for your network.

As organizations open up networks to employees, partners and customers, the challenge of managing intellectual property has never been greater. The presentation will propose an effective security infrastructure which marries multiple, best-of-breed technologies, to a collaborative partnership between business, government and law enforcement. Network Security Analysis tools provide the common denominator across these communities. The discussion will have meaning for executives who must ensure the welfare of their electronic assets and the successful management of their enterprise networks.

To law enforcement: a complete forensics evidence trail, leading to quicker prosecution and resolution of cases, and arguably an ability to cover more ground.

To businesses: exponential insight into what's happening on their networks, resulting in quicker interdiction to suspicious events across platforms, and deeper security coverage.

To regulated industries: the ability to confidently demonstrate to regulators, customers, partners, suppliers and shareholders that appropriate steps have been taken to ensure the integrity and privacy of business-critical data.

Think of this technology layer as 'Exhibits A...Z' for regulators, litigation, the board, investors, management, partners, customers, and law enforcement. Industries affected include Banking, Securities, Medical (HIPAA compliance), Communications, Electronics, Pharmaceutical, High technology, Manufacturing, Education and Government.

The presentation is by SilentRunner Inc, a wholly owned subsidiary of Raytheon Company, and provider of Network Security Analysis products to government entities and the Fortune 500.

SilentRunner is the end-result of over four years of research and development by Raytheon Corporation to solve the problem of how to provide customers the ability to cost-effectively safeguard their electronic property. SilentRunner has built the world's most advanced Network Security Analysis products on the market today. Utilizing one-of-a-kind 3-D rendering of network communications, SilentRunner makes it easy to spot malicious and anomalous network behavior such as insiders gone bad, the spread of macro viruses, identifying sources of internal and external attacks, and seeing a "low and slow" attack on the network from two or more seemingly unrelated sources.

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:42:58 PDT