Identifying, Monitoring, and Analyzing Security Threats

Security threats grow and evolve every day. Whether a business is dealing with a cyber-attack from a malicious outsider or a breach caused knowingly or not by an end user from within the company, the end result is the same. The immediate costs of a cyber security incident can be extremely high. Long-term, the loss of trust among customers can prove just as damaging.

Join Arraya Solutions for this half-day event to gain the knowledge you'll need to strengthen your vulnerability management strategies and successfully monitor and protect your network against evolving cyber attacks.

Sessions will include:

Defining Risks Through Vulnerability Management

Prioritizing your information systems and understanding where weaknesses exist is critical to defending against advanced persistent threats. Recent worldwide security incidents have repeatedly leveraged known vulnerabilities to cause catastrophic damage to systems. Managing hardware and software inventories can be tedious and manually analyzing them for risks is near impossible. This presentation will cover strategies for developing a vulnerability management program and propose strategies for automating the process.

Protecting and Monitoring the Physical Network

The central hub to any enterprise information system is the physical network that connects all the systems together. Many organizations don’t know what’s connected though, which devices are allowed to talk to one another, and how internal systems are communicating with the internet. Attackers have leveraged the openness of many networks to establish a foothold and communicate back to command and control servers undetected. This presentation will identify methods for monitoring the physical network, blocking unauthorized connections, segmenting sensitive areas, and using tools to analyze malicious DNS activity.

Centralizing Monitoring, Alerting and Reporting

As the stack of security tools grows, managing and watching them becomes a difficult task. Having a central point for monitoring, alerting, and reporting on cyber security events can improve visibility, decrease response time, and provide a basis for forensic investigation. This session will review options for centralizing and correlating cyber security events and reviewing metrics that can be generated through the use of Security Incident and Event Management (SIEM) solution. Additionally, it will demonstrate how to bring results from the earlier sessions and other data into a security operations center that can be leveraged as the focal point for defending against cyber attacks.