ibm security software solutions - powerpoint
TRANSCRIPT
IBM Software | 03/11/2016
IBM SecuritySoftware Value Proposition
Thierry Matusiak
Security Architect
© 2015 IBM Corporation
IBM Security
2
Security Is A Major Question At Various Levels
Applications Data
Users
Infrastructure
Operations
Incidents response, security governance, risks and compliance management
© 2015 IBM Corporation
IBM Security
3
Cloud
Big Data
Fight against Fraud
Mobility
Internet of Things
Applications
Data
Users
Infrastructure
Operations
Security Is Not A Stand-Alone SubjectBut Its Supports Our Customers’ Digital Transformation
© 2015 IBM Corporation
IBM Security
4
People
Web
Fraud
Endpoint
Protection
Data
Test Data
Management
Protection
Activity
MonitoringAnalysis
Risk
Analysis
Infrastructure
Network
Traffic
Endpoints
SaaS
Services
Applications
Application
Security
Mobile Apps
Protection
z Systems
Operations
Service
Expertise Community
Research
Cognitive
Solutions
Risks
& Vulnerabilities
Activity
Monitoring
Incident
Response
Identities
Users
& Admins
Access
To Apps
The Security Chain Evolves Into An Immune System
© 2015 IBM Corporation
IBM Security
5
Security Solutions Integrate With Each Other
This interactive presentation is available online
https://prezi.com/mzqzeskv94pr/ibm-security-portfolio-v2016-june/
© 2015 IBM Corporation
IBM Security
6
Infrastructure Protection
A multi-layered protection, spanning from network to endpoints
Network
Protection
Server
Protection
Workstation
Protection
Mobile
Protection
SaaS
Governance
Fight
APTs
Infrastructure
Network
Traffic
Endpoints
SaaS
Services
z Systems
z Systems
© 2015 IBM Corporation
IBM Security
7
Endpoints
Network
Traffic
Infrastructure
RACF
zSecure
BigFix
Trusteer APEX
MaaS360
Network Protection XGS
SiteProtector System SaaS
Services
Cloud Security Enforcer
z Systems
© 2015 IBM Corporation
IBM Security
8
Enterprise
Network Traffic & SaaS Services
Internet
SaaS services
Cloud SecurityEnforcer
XGSAppliances
© 2015 IBM Corporation
IBM Security
10
People
Help enterprises to secure identities and access
Identities
Governance
Self-service
Simplified user experience
Privileged Users Management
Insider threats
Risk-based
Access control
People
Identities
Users
& Admins
Access
To Apps
© 2015 IBM Corporation
IBM Security
11
People
Identities
Access
To Applications
Users &
Administrators
Identity Governance & Intelligence
Security Identity Manager
Security Directory Suite
Identity Governance & Intelligence
Privileged Identity Manager
Security Access Manager for e-SSO
Datapower
Security Access ManagerCloud Identity Services
Mise à jour : 3 novembre 2016 12
Identities
LifecycleCompliance
Analytics
Identities
Pla
tform
IGI
SDS
Mise à jour : 3 novembre 2016 13
Access To Applications
FederationAdvanced Access
Control
Web Access Management
Pla
tform
Add-O
ns
ISAM
Mise à jour : 3 novembre 2016 14
Users & Administrators
Enterprise Users Administrators
SAM eSSO PIM
Access
Agent
Web Applications
Java Applications
Windows Applications
…
Mainframe
Applications
© 2015 IBM Corporation
IBM Security
15
Data Security
Analyze and secure sensitive data access
Identify
& Classify Data
Discover
Vulnerabilities
Protect
Sensible Data
Manage
Privileged Users
Protect Data
Extract
Test Data Sets
Mask Data
Monitor
Activity
Data
Test Data
Management
Protection
Activity
MonitoringAnalysis
© 2015 IBM Corporation
IBM Security
16
Data
Test Data
Management
Protection
Activity
MonitoringAnalysis
Optim TDM
Optim Data Masking
Guardium DAM
Guardium Data Redaction
Guardium Data Encryption
Guardium DAM
Guardium Data Privacy for Hadoop
Guardium for Files
Guardium VA
Guardium DAM
InfoSphere Discovery
Business Glossary
Watson Explorer
Mise à jour : 3 novembre 2016 17
Data Analysis
Unstructured Data
Structured Data
WatsonExplorer
Informationin motion
Variety of information
Discovery
ExtremeVolumes
Testing
InfoSphereDiscovery
BusinessGlossary
GuardiumVA
Optim
GuardiumDAM
Mise à jour : 3 novembre 2016 18
Activity Monitoring And Data Protection
Web Server
HTTP/HTTPS
Application
Server
GuardiumDAM
GuardiumEncryption
Data
Servers
Data Privacy For Hadoop
© 2015 IBM Corporation
IBM Security
19
Application Security
Test and protect applications
Applications Security Management
Protect
Deployed Applications
TestCode and Applications
Static
Analysis Dynamic
Analysis
Mobile
Applications
Priorities
Management
Compliance
Reports
Identify and handle risks
Applications
Application
Security
Mobile Apps
Protection
© 2015 IBM Corporation
IBM Security
20
Applications
Mobile Apps
Protection
Application
Security
Arxan Application Protection
AppScan
AppScan Source
Application Security on Cloud
Mise à jour : 3 novembre 2016 21
Application Development
Manual Pen Testing
SECURITY
BUILD
PRODUCTION
CODE
QA
Security requirements defined before design & implementation
AppScanSource
Integration in the development
team platform
AppScan
AppScanEnterprise
Mise à jour : 3 novembre 2016 22
Mobile Apps Protection
Manual Pen Testing
SECURITY
BUILD
PRODUCTION
CODE
QA
Security requirements defined before design & implementation
AppScanSource
Integration in the development
team platform
Security on Cloud
Arxan
© 2015 IBM Corporation
IBM Security
23
Web Fraud
Score financial transactions’ risk
Financial Fraud
Endpoints
Real-time data coming from millions
of protected endpoints
Risk
Scoring
Account
TakeoverMalwares
Workstation
Protection
Mobile
Protection
Web
Fraud
Endpoint
Protection
Risk
Analysis
© 2015 IBM Corporation
IBM Security
24
Web
Fraud
Endpoint
Protection
Trusteer Rapport
Trusteer Mobile SDK
Trusteer Mobile Browser
Risk
AnalysisTrusteer Pinpoint Detect
Trusteer Mobile Risk Engine
Mise à jour : 3 novembre 2016 25
Risk Analysis
WWW
Phishing Malwares
Online Financial Services
MalwareDetection
Account TakeOverDetection
Client Criminal
Rapport
Pinpoint Detect
End
po
ints
P
rote
ctio
nR
isk
An
alys
is
MobileSDK
Mobile Risks
Mise à jour : 3 novembre 2016 26
Endpoint Protection
WWW
Phishing Malwares
Client Criminal
Rapport
End
po
ints
P
rote
ctio
nR
isk
An
alys
is
MobileSDK
Online Financial Services
MalwareDetection
Account TakeOverDetection
Pinpoint Detect
Mobile Risks
Mobile Risk Engine
© 2015 IBM Corporation
IBM Security
27
Security Operations
End-to-end visibility over events and incidents
Risks & VulnerabilitiesIncidents Investigation
Forensics
Logs
Events
Real-time analysis
Anomaly detection
Prioritized
Incidents
Integrated Dashboard
Compliance Reports
Operations
Risks
& Vulnerabilities
Activity
Monitoring
Incident
Response
Incident Response
© 2015 IBM Corporation
IBM Security
28
Security
Operations
Risks &
Vulnerabilities
QRadar Vulnerability Manager
QRadar Risk Manager
AppScan Enterprise
Activity
MonitoringQRadar SIEM
QRadar Log Manager
QRadar qFlow Collector
QRadar vFlow Collector
QRadar Incident Forensics
QRadar Packet Capture
Incident
ResponseResilient
Security Intelligence on Cloud
Mise à jour : 3 novembre 2016 29
Activity Monitoring & Incident Management
Logs
Events Alerts
Configuration
information
System
audit trails
External
threat feeds
Network flows
and anomalies
Identity
context
Malware
information
QRadar SIEM
QRadar Log Manager
Prioritized
Incidents
Offenses
Detection
Resilient
Incident
Response
Mise à jour : 3 novembre 2016 30
Risks And Vulnerabilities
Vulnerabilities
Risks
AttacksExploits
QRadar VM
QRadar RM
QRadar SIEM
AppScanEnterprise
© 2015 IBM Corporation
IBM Security
31
IBM SecurityIntelligence. Integration. Expertise.
133 Countries where IBM delivers
managed security services
Collaboration Security App Exchange
X-Force Exchange
TOP 3 Enterprise security software vendor in total revenue
10K Clients protected including…
Cognitive Infused in existing solutions
Watson for CyberSecurity
Service
Expertise Community
Research
Cognitive
Solutions
© 2015 IBM Corporation
IBM Security
32
Security
Expertise
Community
ResearchX-Force Threat Intelligence
Security App Exchangehttp://www.ibm.com/security/engage/app-exchange/
X-Force Exchangehttps://exchange.xforce.ibmcloud.com/
Service
Solution Deployment
Consulting
Integration
Managed Service
Cognitive
SolutionsWatson for CyberSecurity
© 2015 IBM Corporation
IBM Security
33
People
Web
Fraud
Endpoint
Protection
Data
Test Data
Management
Protection
Activity
MonitoringAnalysis
Risk
Analysis
Infrastructure
Network
Traffic
Endpoints
SaaS
Services
Applications
Application
Security
Mobile Apps
Protection
z Systems
Operations
Service
Expertise Community
Research
Cognitive
Solutions
Risks
& Vulnerabilities
Activity
Monitoring
Incident
Response
Identities
Users
& Admins
Access
To Apps
The Security Chain Evolves Into An Immune System