Post on 27-May-2018

The World’s Best and Most Innovative Companies Trust BMC…
• 300+ patents
• #1 ranked ITOM vendor by Gartner for 3 consecutive years
• $8B investment
• 82% of Fortune 500 use BMC for their digital services
• 10K customers
• Public Sector, Retail, Financials, CPG, Healthcare, Telco, Business Services

Online Banking Penetration
India has about 470 million banking customers, out of which 60 million do online banking; these numbers will grow by 173 million – as per analyst reports

DIGITAL WORLD is under attack
• Syndicates, Lone Wolf, Governments
• Stolen credentials, Exploit backdoors, Malware, Hacking, Brute Force, Spyware, Phishing
• Fun, Grudge, Financial, Boredom, Espionage, Ideology

“There’s so many more vectors that are easier, less risky and quite often more productive than [zero day excursions]. This includes, of course, known vulnerabilities for which a patch is available but the owner hasn’t installed it.”
Rob Joyce, Chief, Tailored Access Operations (TAO), National Security Agency

Known Vulnerabilities are the Biggest Threat
• ATTACKS: More than 80% of attacks target known vulnerabilities
• FIX READY: 99.9% of exploits were compromised over a year after the CVE was published

Lack of Integration Between Security and Operations Creates a SecOps Gap
• Manual interventions for broken processes
• No visibility to actionable threat information
• Increasing number of complex regulatory standards
• Challenge to balance security & compliance actions against risk of sacrificing uptime/performance
• 193 days to resolve average vulnerability

SecOps Gap - Speed and Scale Impacts
• Up to 40% of work sent to Ops has been seen before
• On average, every 1000 servers have 1-2 FTE working to analyze and plan action on vulnerability data
• Manual or semi-automated remediation is slow and error-prone, creating a large backlog and an average time to remediation of 193 days
• Manual change ticket creation takes 45 min, but it takes 5 min to fix a server
• Asset discovery and dependency mapping is manual and rarely without gaps when attempting to cover 1000s of assets
[Diagram labels: CVE, Operations, Security, Delays]

Typical Workflow
• Handled manually: each exception is 2-3 hrs; exceptions are 2-3 per server per quarter
• More approvers: each approver slows process – more risk
• For every 500 servers, 1 FTE digests report and plans remediation
[Diagram: lanes Security, Ops, Apps. Boxes: Vulnerabilities discovered with scans; Report created, sent to Ops; Ops digests report and plans work; Remediation analysis and build; Change ticket opened manually; Extra change documentation; CAB approval (due to risk); Potentially many approvals; App teams getting exceptions; Remediation executed; Verified compliance; Change ticket closed; Compliance reporting]

SecOps Workflow: NOW AUTOMATED
[Diagram: the Typical Workflow diagram repeated with the same callouts and boxes, labelled NOW AUTOMATED]

SecOps – Integrated and Automated
One SecOps Solution for 2 Risk Exposures
[Diagram: Compliance risk (gap against policy) and Vulnerability risk, each shown for private cloud, data center (corporate IT) and public cloud. Labels: Regulatory | Operational | Security; Attack surface | Exposure window; Server, Network; Security scans]
• Unmanaged: 10% coverage with UNKNOWN risks, ~193 days or unknown
• Automated remediation: 90% coverage with known risk, ~10-45 days based on severity/risk

The Value of BMC’s SecOps Solution
Vigilant, Precise and Relentless Automation to Accelerate and Scale Security Operations Workflow
SecOps, Integrated and Automated: Vigilant Compliance, Precise Threat Analysis, Relentless Remediation
• “Audit Ready” All the Time
• Governance and Auditability
• Accelerate Closure of Risk Windows
• Actionable Information
• Smart/Balanced Decision Making
• Blind Spot Analysis

Integrated Visibility to Build Trust
Integrated Data for Security and Operations
• Enriched, actionable threat data for immediate use by IT Ops and analysis by Security
• Operator Dashboard - “To do” list to address threats based on policy and impact, ensuring the most critical issues are fixed first
• Security Dashboard - First-ever view for Security into operational plans, with visibility into planned actions, predictive SLA, and burndown

Drive Compliance & Best Practices
Consistent and trackable application of policies
• Maintain vigilance with a full cycle of system discovery, monitoring, remediation, and change control
• Integrated documentation and remediation simplifies repair, rollback, and configuration updates
• Easy-to-use, out-of-the-box regulatory compliance content, policies, and remediations, which reduces time for audit compliance

Accelerate and Scale Remediation
Pursue vulnerabilities swiftly and efficiently
• Automatic correlation of discovered vulnerabilities and patches
• Remediate vulnerabilities based on severity and priorities
• Network vulnerability identification and remediation action capabilities
• Direct closed loop integration with Change Management

Customer Success with BMC SECOPS
State of Michigan
• Reduced time for audit report creation from 32 hours to 15 minutes
• Reduced time for server provisioning from 2 months to 5 days
• Reduced 9,000+ staff hours by automatically remediating 94,273 events

“BMC's BladeLogic Threat Director will enable the security and operations teams to see what the other is doing, opening a dialog to allow the most urgent issues to be addressed first while balancing the operations team's need for uptime.”
— Tracy McMahan, IT Support Coordinator, F. Korbel & Bros, Inc.