![Page 1: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/1.jpg)
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
How to Turbocharge Your Cyber Security Incident
Response With Automation
February 24, 2016starting at
12:00pm EST / 9:00am PST
![Page 2: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/2.jpg)
Today’s webinar will be presented by:
Guy NadiviDirector, Business
Development
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 2
Sharon Cohen, CISM
IT & Security Professional Services Manager
![Page 3: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/3.jpg)
Company Background
• Leading innovator of IT Process Automation Software
• Founded in 2007, Headquarters in New York
• Product first launched in 2009
• Flagship product: eyeShare™ IT Process Automation v4.7.3
• Eric Benhamou, former CEO of 3Com and Palm, BGV currently
slide 3© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
![Page 4: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/4.jpg)
Sample of eyeShare Users
slide 4© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
![Page 5: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/5.jpg)
Agenda
slide 5© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
#1Why you should
automate Cyber Security
Incident Response
#2The concerns
of running automation in Cyber Security
Incident Response
#3A real life
scenario of automating
Incident Response
![Page 6: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/6.jpg)
What Is A Cyber Security Incident Response?
slide 6© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
An organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident).
The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
source: searchsecurity.techtarget.com/definition/incident-response
An organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident).
The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
![Page 7: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/7.jpg)
What Is A Cyber Security Incident Response?
slide 7© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
source: Gartner - "Top Security Trends for 2016-2017"
![Page 8: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/8.jpg)
Why Automate Cyber Security Incident Response?
slide 8© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
“71% of represented organizations experienced at least one successful cyberattack in the preceding 12 months (up from 62% the year prior)”.
source: 2015 Cyberthreat Defense Report from the CyberEdge Group
205 - median number of days that threat groups were present on a victim’s network before detection (Longest Presence: 2,287 days)
source: "Beyond the Breach" - Mandiant 2015 Malware Report
Malicious cyber attacks cost US$300 Billion to US$1 Trillion a year!
source: "THE ECONOMIC IMPACT OF CYBERCRIME AND CYBER ESPIONAGE Report" - Center for Strategic and International Studies July 2013
![Page 9: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/9.jpg)
Why Automate Cyber Security Incident Response?
slide 9© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
“By 2019, 40% of large enterprises will require specialized, automated tools to meet regulatory obligations in the event of a serious information security incident.”
source: Gartner
![Page 10: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/10.jpg)
Why Automate Cyber Security Incident Response?
slide 10© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
Lack of qualified staff Lack of necessary expertisePeople don’t scale very well
![Page 11: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/11.jpg)
Why Automate Cyber Security Incident Response?
slide 11© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
When it comes to remediating security breaches, automation is a force multiplier
![Page 12: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/12.jpg)
Concerns About Automating Cyber Security Incident Response
slide 12© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
Too Many False Positives In Security
![Page 13: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/13.jpg)
Concerns About Automating Cyber Security Incident Response
slide 13© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
In Security (& elsewhere) False Positives Are Distressing
![Page 14: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/14.jpg)
Automating Cyber Security Incident Response
slide 14© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
![Page 15: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/15.jpg)
Automating Cyber Security Incident Response
slide 15© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
A security playbook is a customizable template for specific cyber security incidents, that streamlines an organization's response procedures using best practices.
Playbook
![Page 16: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/16.jpg)
Ayehu Case Study
slide 16© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
Dual Logins By The Same Individual From Different Locations
• A user logs in from one location.
• The same user then logs in 15 minutes later from another location 30 miles away.
• Is the first login legitimate, but the second one fraudulent? Or is it the other way around? Maybe they’re both fraudulent?
• How do you automate the process of determining which login (if any) is legitimate?
![Page 17: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/17.jpg)
Sharon Cohen
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 17
![Page 18: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/18.jpg)
Demo
slide 18© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
![Page 19: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/19.jpg)
Top 3 Features
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 19
No Programming !
![Page 20: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/20.jpg)
Top 3 Features
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 20
No Agents !
![Page 21: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/21.jpg)
Top 3 Features
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 21
![Page 22: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/22.jpg)
Top 3 Benefits
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 22
Automation enables better preparation
• Simulate & test multiple scenarios in advance of an attack
• Validates playbooks
• Fast response, errors reduced, documented properly, people notified
![Page 23: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/23.jpg)
Top 3 Benefits
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 23
Automation enables 24/7 Coverage
• SOC's are rarely manned around the clock with security experts
• Enables fast, best practice responses no matter who’s on duty any time of day
![Page 24: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/24.jpg)
Top 3 Benefits
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
slide 24
Rapid Containment, Eradication, & Recovery
• Malware• Evidence• Vulnerabilities• Operational
![Page 25: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/25.jpg)
Ask Us Anything
slide 25© 2016 Ayehu Software Technologies, Ltd. All rights reserved.
![Page 26: How to Turbocharge Your Cyber Security Incident Response with Automation](https://reader035.vdocuments.site/reader035/viewer/2022062412/5873b76a1a28abbc788b4bc7/html5/thumbnails/26.jpg)
Please send any follow up questions to:
slide 26
Go To ayehu.com
Free trial versionof eyeShare!
© 2016 Ayehu Software Technologies, Ltd. All rights reserved.