Sherlock Managed Threat Intelligence from Anitian

SHERLOCKMANAGED THREAT INTELLIGENCE

ANITIAN

ANITIAN

2Why Sherlock?

• Target CIO Beth Jacob was “fired” from Target in 2014 because of a major breach• There was ample evidence of the breach, but

nobody responded to it• There is ample technology to detect

breaches• Somebody must analyze the data• Vital threat intelligence is not getting

communicated to leadership

intelligent information security

A N I T I A N

Anitian Sherlock puts actionable threat intelligence into the hands of leadership to fuel rapid response

intell igent informati on security

ANITIAN

4

“

”

Fight back with intelligence

Sherlock Vision Statement


ANITIAN

5

“

”

Empower leadership with actionable threat intelligence

Sherlock Mission Statement


ANITIAN

6What is Sherlock?

• We analyze the security data in your environment for evidence of compromise • We find the breach before it causes damage• We reduce the dwell time of an attacker• Analysis in context of latest threat intelligence • Sherlock Top 5 Threat Intelligence Report• Focuses you and your people on the threats that really matter


ANITIAN

7How Sherlock Works

• Our “Sherlocks” hunt through your environment looking for evidence of compromise• Our Tactics: • Alerts: Automated alerts that tip off our team• Hunt: Clues to a breach we search for• Case: An issue we are tracking in your

environment• Campaign: A collection of cases that share similar

attributes


ANITIAN

8Sherlock Threat Intelligence

• We collect, normalize, and refine threat intelligence from numerous sources• Intelligence is filtered to suit your business • Augment the intelligence our 20+ years of experience

with security operations• We configure the tools to seek out evidence of

attacks, breaches, or compromise • Machine intelligence + human intelligence = Sherlock


ANITIAN

9Service Options

• Intelligence Analysis• Sherlock Stack • Advanced Forensics • Incident Response Retainer • Penetration Testing• Risk Assessment


ANITIAN

10


Sherlock Threat Intelligence Report

ANITIAN

11The Sherlock Stack


ANITIAN

12Stack Technology

• Fortinet NGFW, IDS/IPS, Sandboxing• Cylance Advanced endpoint breach detection• Splunk SIEM• Darktrace Advanced network forensics• Click Security Advanced reporting and analytics• Websense Data loss prevention, web security• Nessus Vulnerability management • NNT Change management


ANITIAN

13Packages

• Sherlock.A Analytics• Sherlock.AS Analytics + Stack • Sherlock.ASF Analytics + Stack + Deep Forensics • Sherlock.CRM Continuous Risk Management• Sherlock.H Healthcare industry package• Sherlock.E Energy industry package• Sherlock.SecOps Security operations package


ANITIAN

14Additional Sherlock Services

Anitian can provide add-on services• RiskNow Rapid Risk Assessment • Network & Application Layer Penetration Testing• PCI Compliance assesments • SOC2 audits • Code review


ANITIAN

15Benefits

• Deep analysis and threat intelligence• Simple, hands-off• Actionable reports, no dizzying dashboards• Dedicated analyst• Data stays with you, no co-mingling • You own the technology• Most experienced security intelligence team in the world


ANITIAN

16The Team

• SANS Trained analysts• Focused on you• Dedicated person (with backups)• Hands on tech people• Senior analysts and forensic auditors available on

demand


ANITIAN

17Resource Requirements

• 5-10 days for setup of stack• 5-10 days of tuning• Reports begin flowing in 10-20 days • Less than 1 hour per week to review reports


ANITIAN

The Game is On


Protect your data

your business

and your job

with Sherlock

It’s elementary

[email protected]

anitian.com