DEEP DIVE Deep - Netwrix...DEEP DIVE Netwrix Auditor Deep Dive Insider Threat Detection. Welcome ......

Roy Lopez

Systems Engineer

Netwrix Auditor Risk Assessment

DEEP DIVENetwrix Auditor

DeepDive

Insider ThreatDetection

Welcome

Account Executive, NetwrixEmail: [email protected]

Evgenia Izotova

Project manager, Real Security d.o.o.Email: [email protected]

Daniel Bednjički

Systems engineer, Real Security d.o.o.Email: [email protected]

Dejan Bidovec

Type your question

here

Click “Send”

Housekeeping

§ All attendees are on mute.

§ Ask your questions!

§ Questions will be answered during the session or in the Q&A at the end.

§ You will receive the slides and webinar recording in a follow-up email.

§ The webinar should take about 60 minutes.

§ Let’s get started!

Introduction:

§ About Netwrix

§ About Real Security

§ About Netwrix in Slovenia

Deep Dive: Insider threat detection:

§ Key Factors

§ Briefly about Netwrix Auditor

§ Insider Threat Detection

Q&A

Agenda

About Netwrix Corporation

Year of foundation: 2006

Headquarters location: Irvine, California

Global user base: over 10,000

Recognition:

7 years among the fastest growing software

companies in the US

More than 140 industry awards

Netwrix Worldwide CustomersFinancial Healthcare and Pharmaceutical

Federal, State & Local Government Education

Industrial and Technology Business Services

Netwrix Auditor Evolution

2008 2018

Standalone Change Auditing Tools

Unified Platform for Change, Configuration

and Access Auditing

Visibility Platform for User Behavior Analysis

and Risk Mitigation

File Analysis

Alerts on Threat Patterns

Compliance Reports

Virtual and Cloud Deployment

RESTful APIInteractive Search

Dashboards

Predefined Change Auditing Reports

Risk Assessment

Behavior Anomaly Discovery

Add-on Store

Visibility and Governance Platform for

Hybrid Cloud Security

2013 2016 2017

Data Discovery & Classification Edition

2019

User Profile

Automated Response

Agentless Data Security Platform

REAL Security- Value-add Distribution & ConsultingYear of foundation: 2002

Headquarters location: Maribor, Slovenia

Portfolio: Security and networking products like Netwrix and many many more ( list of all vendors can be found here-https://www.real-sec.com/vendors/Primary focusEnsuring secure and optimized IT environmentBuilding loyal and trustworthy partnershipsTerritoryAdriatic region

Additional activities: annualy organizing the biggest IT Security conference RISK , issuing REAL INFO magazine

https://www.real-sec.com/vendors/

REAL Security - Value-add Distribution & Consulting

“Netwrix is not like any other vendor we have ever had. All the teams we work with are flexible, easy to get to, responsive and ready to help. Although we have partnered with Netwrix for just half a year, I can already see that the company is doing its best. It is not only about lead generation, but also about raising awareness on the market, supporting partners, and educating customers on how they can solve their problems more efficiently. That’s why I call Netwrix a fresh breeze in our portfolio.”

Daniel Bednjički, Project Manager, REAL security.

Netwrix customers in Europe and in Slovenia

HBOR use case

Netwrix solutions:

Continuous control over activities

around file storage

Reduced time on monitoring and reporting

Improved internal IT operations

Challenges:

Reduce workload of the IT team

Gain better control over data access

Simplify reporting to the management

Ključni dejavniki

Tehnološki dejavniki

Človeški dejavniki

Organizacijski dejavniki

O Netwrix Auditor-ju

Netwrix Auditor je varnostna platforma, ki deluje brez agentov in omogoča podjetjem, da natančno identificirajo in odkrijejo občutljive, regulirane informacije in informacije, ki so kritičnega pomena ter ustrezno uveljavijo nadzor dostopa do teh informacij, ne glede na to, kje je informacija shranjena.

Podjetjem omogoča, da zmanšajo riziko vdora v podatke in zagotavlja skaldnost s predpisi s tem, da aktivno zamanjšuje izpostavljenost občutljivih podatkov in hitro odkriva kakršnekoli kršitve in sumljivo obnašanje uporabnikov.

Netwrix Auditor

Netwrix Podatkovni viri

Netwrix Auditor for Active Directory

Netwrix Auditor for Windows File Servers

Netwrix Auditor for Oracle Database

Netwrix Auditor for Azure AD

Netwrix Auditor for EMC

Netwrix Auditor for SQL Server

Netwrix Auditor for Exchange

Netwrix Auditor for NetApp

Netwrix Auditor for Windows Server

Netwrix Auditor for Office 365

Netwrix Auditor for SharePoint

Netwrix Auditor for VMware

Netwrix Auditor for Network Devices

Add-on forAmazon Web Services

Add-on forGeneric Linux Syslog

Add-on forSplunk

Add-on forServiceNow ITSM

Add-on forIBM QRadar

Infrastructure Unstructured Data Structured Data Cloud Free Add-ons

Data Discovery & Classification

Prikaz delovanjaNetwrix Auditor

Netwrix Auditor Arhitektura

Netwrix Auditor za Active Directory • AD in Group policy spremembe

• Informacije o nastavitvah v realnem času

• Nadzor/spremljanje prijav

• Spremljanje neaktivnih uporabnikov

• Obveščanje o poteklih geslih

• Rollback opcija sprememb













Netwrix Auditor za Windows File Servers • Spremembe datotek, datotečnih map, deljenih

datotek in map ter pravic

• Uspešni in neuspešni poskusi dostopa

• Poročanje o analizi datotek

• Informacije o nastavitvah v realnem času













Netwrix Auditor za Windows Server • Spremembe v konfiguraciji strežnikov,

ki so na osnovi WIN strežnika

• Dnevniški zapisi, IIS, DNS

• Snemanje aktivnosti uporabnika













Netwrix Auditor za Office 365• Exchange Online administrativen spremembe, spremembe v

elektronskih predalih, uporabnikih elektronske pošte,

skupinah, dovolilnicah, politiki in vlogah upravljanja

• Spremljanje dostopov do poštnih predalov brez lastnika

• SharePoint Online in OneDrive for Business konfiguracija,

varnost in spremembe vsebine, in dogodki o dostopu do

podatkov













Netwrix Auditor Konzola

Hiter pregled

Ocena tveganja

Nepravilnosti v obnašanju

Sumljive aktivnosti uporabnika

Obveščanje

Dostop do podatkov

Snemanje aktivnosti uporabnika

Priprava poročil

Useful Linksü Free trial: https://www.netwrix.com/auditor.html

ü Download Netwrix Virtual Appliance: https://www.netwrix.com/virtual_appliances.html

ü Knowledge base https://kb.netwrix.com/

ü Visit Real Security website for any questions: https://www.real-sec.com/

https://www.netwrix.com/auditor.html

https://www.netwrix.com/virtual_appliances.html

https://kb.netwrix.com/

https://www.real-sec.com/

Hvala/Thank You!

www. .com

Vprašanja/ Questions?

Evgenia IzotovaAccount Executive, Netwrix

Email: [email protected]

Daniel BednjičkiProject manager, Real Security d.o.o.


Dejan BidovecSystems engineer, Real Security d.o.o.


www. .com

DEEP DIVE Deep - Netwrix...DEEP DIVE Netwrix Auditor Deep Dive Insider Threat Detection. Welcome ......

Documents

Transcript of DEEP DIVE Deep - Netwrix...DEEP DIVE Netwrix Auditor Deep Dive Insider Threat Detection. Welcome ......