Upload
hoangtuong
View
219
Download
4
Embed Size (px)
Citation preview
Risk Assessment:
Unveil hidden risks and minimize your attack
surface
Presenter:
Roy Lopez
Systems Engineer
Type your question
here
Click “Send”
Housekeeping
• All attendees are on mute
• Ask your questions!
• Questions will be answered during the session or at the Q&A at the end
• You will receive a copy of slides and webinar recording in the follow-up email
• Duration: Up to 60 minutes
• We hope you enjoy!
Netwrix Auditor 9.5
Identify, Assess and Reduce Risks to Your
IT Infrastructure and Data
IT Risk Assessment_______________________________________
Identify and prioritize risks to makesmarter IT security decisions and
close security holes
#1: What are your organization’s critical information technology assets
#2: What are the top five business processes that utilize or require this information?
#3: What threats could affect the ability of those business functions to operate?
IT Risk Assessment Checklist ebook
https://try.netwrix.com/risk-assessment-checklist-
blog?cID=70170000000kgEZ
Getting started with Risk Assessment
Risk = Threat x Vulnerability x Asset
High Risk = Damage
• Data loss
• System or application downtime
• Legal consequences
What is Risk?
Step 1: Identify and Prioritize Assets
Step 2: Identify Threats
Step 3: Identify Vulnerabilities
Step 4: Analyze Controls
Step 5: Determine the Likelihood of an Incident
Step 6: Assess the Impact a Threat Could Have
Step 7: Prioritize the Risks
Step 8: Recommend Controls
Step 9: Document the Results
Step 10: Constantly begin anew this cycle
Risk Assessment Procedure
IT Risk Assessment In Netwrix Auditor 9.5:
• A set of interactive dashboards primarily for Active Directory, and File
Servers
• A set of interactive dashboards for Windows Servers
• Based on State-in-Time data
• Actionable intelligence to identify and close security gaps
• Detecting Stale Accounts in Active Directory
IT Risk Assessment
File names containingsensitive data
No file names that suggest sensitive data is inside
One file with a name suggesting that sensitive data is inside
Multiple files with names suggesting that sensitive data
is inside
Potentially harmful files on file shares
No executables on file shares One executable on file sharesSeveral executables on file
shares
User accounts with administrativeprivileges
A small proportion of users have administrative privileges
A significant proportion of users have administrative privileges
A large proportion of users have administrative privileges
ACCEPTABLE PAY ATTENTION TAKE ACTION
IT Risk Assessment. Risk Levels
Netwrix Auditor Intelligence Guide – Pages 44 through 48
IT Risk Assessment. Use Cases
Compliance checksPeriodic Assessments
!
✓
✗
✗
✗
✗
Initial Clean Up
How to Perform IT Risk Assessmenthttps://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/
How to Jump-Start GDPR Risk Assessmenthttps://blog.netwrix.com/2018/01/11/how-to-jump-start-gdpr-risk-assessment/
Demonstration
Netwrix Auditor
Netwrix Auditor Applications
Netwrix Auditor for Active Directory
Netwrix Auditor for Windows File Servers
Netwrix Auditor for Oracle Database
Netwrix Auditor for Azure AD
Netwrix Auditor for EMC
Netwrix Auditor for SQL Server
Netwrix Auditor for Exchange
Netwrix Auditor for NetApp
Netwrix Auditor for Windows Server
Netwrix Auditor for Office 365
Netwrix Auditor for SharePoint
Netwrix Auditor for VMware
GA
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
Netwrix Customers
All awards: www.netwrix.com/awards
Industry Awards and Recognition
Free Trial: setup in your own test environment:
On-premises: netwrix.com/freetrial
Virtual: netwrix.com/go/appliance
Cloud: netwrix.com/go/cloud
Test Drive: run a virtual POС in a Netwrix-hosted test lab netwrix.com/testdrive
Live Demo: product tour with Netwrix expert netwrix.com/livedemo
Contact Sales to obtain more information netwrix.com/contactsales
Webinars: join our upcoming webinars and watch the recorded sessions
• netwrix.com/webinars
• netwrix.com/webinars#featured
Next Steps