Savvius Vigil
Enhancing Security Investigations With Critical Packet Data
Corporate Overview 2
Mission
Savvius, Inc.
Headquarters San Francisco Bay Area
Customers Over 7,000: U.S., EMEA, APAC
Founded 1990
Formerly WildPackets
Create advanced, high-performance
products that provide unprecedented
insight into network performance issues
and security incident investigations.
Savvius Tools for
Network Professionals
Software to view,
analyze, and
investigate.
Network traffic capture and
analytics appliances.
Network Problems Occur in a Complex Environment
[Network diagram: Data Center, Remote Office, Corporate Campus]
What is the problem?
Performance? Delays, Latency, Slowness
Connectivity? Network access, WLAN connects, Intermittent drops
Content? Transaction verification, Personnel, Security
© Savvius, Inc.
Investigations “silo by silo” leave out critical insights.
The network is the first one to be blamed!
Computing Platforms: Database, Compute, Storage, Virtualization
Network: Wireless, Data Center, LAN, WAN
Application: Operations, Deployment, Test, Development
Security: Response, Detection, Forensics
Traditional Approaches Don’t Work!
Product | Use | Traffic | Environment | Storage
Omnipliance | Packet Capture for Troubleshooting | Up to 16.5 Gbps | Data centers, remote offices | 4-128 TB
Omnipliance WiFi | WLAN troubleshooting including 802.11ac | Up to 3.8 Gbps | Enterprise WLAN | 8 TB
Savvius Vigil | Long-term packet storage for security investigations | IDS performance up to 9 Gbps | Cybersecurity infrastructure | 64 or 128 TB
OmniPeek Professional | Software for Analytics and Troubleshooting | Platform Dependent | Portable Network Analysis | N/A
OmniPeek Enterprise | High performance software for Analytics and Troubleshooting | Platform Dependent | Network Analysis | N/A
Capture Engine for OmniPeek | Software for remote troubleshooting and analysis | Platform Dependent | Distributed | Platform Dependent
USB WiFi Adapter for OmniPeek | WLAN adapter for portable analysis | 200 Mbps | Portable | N/A
Savvius Solutions
Financial, Education, Government, Health Care / Retail, Telecom, Technology
Global Customers
Introducing Savvius Vigil.
Employing decades of network
forensics expertise to enhance
security investigations.
Network insight for performance and security
Savvius Vigil does not prevent
breaches. After all …
… perimeter defenses
have become quite
sophisticated. But …
perimeter security is
never perfect. And …
… breaches are expensive.
Source: Pixlcloud
Making packet data
available for security
investigations
Five Savvius Vigil Assumptions
1. You have assets to protect: Financial information, patient records, confidential data
2. Your perimeter isn’t perfect: Your organization is penetrated right now
3. Delayed discovery is inevitable: Data breaches are typically discovered six months later
4. Network packets are valuable: Security investigations need more than logs and events
5. You can’t store all network traffic: Months of network traffic requires petabytes of storage
Savvius Vigil automatically
extends the packet-enabled
investigation window from
hours to months.
How Savvius Vigil Works
IDS/IPS
Network Traffic
An IDS/IPS generates events continuously
‒ Often for immediate investigation
‒ Each event includes a very limited amount of data
Too many events to investigate each one
‒ IDS/IPS systems are tuned to match security team’s capability
‒ “Breaches will slip by…”
It starts with your SIEM’s intrusion
detection (or selected IP addresses)
Events
IDS Console
How Savvius Vigil Works
IDS/IPS
Network Traffic
Savvius Vigil uses IDS/IPS events to filter
packets out of the network traffic.
Events
IDS Console
Integration with: HP ArcSight, Cisco FireSIGHT, Snort, Suricata
More added regularly
In addition! All traffic to high-value IP addresses can be stored
How Savvius Vigil Works
[Diagram: timeline from 5 minutes ago to now, showing traffic for IP #1 through IP #6]
Savvius Vigil buffers ALL network traffic (represented here by 6 IP addresses)
Step 1: An IDS event comes in, alerting on two IP addresses:
Step 2: All packets between those addresses for up to five
minutes before and after (settable) are stored:
Step 3: Packets to or from one of those IP addresses are
also stored (“Associated Conversations”) if desired:
Step 4: Packets that are not associated with either event
IP address are ignored:
[Chart: Days of Stored Events. Axes: Days (0 to 1000) and Events/Day from IDS/IPS (0 to 1000); series for +/- 5 minutes and +/- 2 minutes]
Note: Approximate, assuming 125 packets
per second per conversation, 750 bytes per
packet, multiple of 8.5 for Associated
Conversations.
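The four steps and the storage note above, as an added sketch in Python. This is not Savvius code: the names Packet, IdsEvent, classify, retain and days_of_stored_events are assumptions, the sample traffic is constructed, the 8.5 multiple is assumed to scale per-event volume, and the 64 TB capacity is taken from the product table.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    ts: float   # seconds since the start of the rolling buffer
    src: str
    dst: str
    size: int   # bytes


@dataclass(frozen=True)
class IdsEvent:
    ts: float
    ip_a: str
    ip_b: str


def classify(pkt, events, window_s=300.0, associated=True):
    """Return 'event', 'associated', or None (ignored) for one buffered packet."""
    reason = None
    ends = {pkt.src, pkt.dst}
    for ev in events:
        if abs(pkt.ts - ev.ts) > window_s:
            continue                      # outside the before/after window
        pair = {ev.ip_a, ev.ip_b}
        if ends == pair:
            return "event"                # Step 2: both event addresses, either direction
        if associated and ends & pair:
            reason = "associated"         # Step 3: one event address involved
    return reason                         # Step 4: None means the packet is ignored


def retain(buffer, events, window_s=300.0, associated=True):
    """Filter the rolling buffer down to the packets worth long-term storage."""
    kept = []
    for pkt in buffer:
        reason = classify(pkt, events, window_s, associated)
        if reason is not None:
            kept.append((pkt, reason))
    return kept


def days_of_stored_events(capacity_bytes, events_per_day, window_s,
                          pps=125, bytes_per_packet=750, assoc_multiple=8.5):
    """Retention estimate using the figures from the slide's note."""
    per_event = pps * bytes_per_packet * (2 * window_s) * assoc_multiple
    return capacity_bytes / (per_event * events_per_day)


# Constructed sample: one IDS event at t=1000 s, addresses from documentation ranges.
SAMPLE_EVENTS = [IdsEvent(1000.0, "192.0.2.10", "203.0.113.5")]
SAMPLE_BUFFER = [
    Packet(690.0, "192.0.2.10", "203.0.113.5", 750),    # 310 s early: ignored
    Packet(720.0, "192.0.2.10", "203.0.113.5", 750),    # event conversation
    Packet(1050.0, "192.0.2.10", "198.51.100.7", 750),  # associated conversation
    Packet(1050.0, "192.0.2.20", "198.51.100.7", 750),  # unrelated: ignored
    Packet(1100.0, "203.0.113.5", "192.0.2.10", 750),   # event, reverse direction
    Packet(1300.0, "198.51.100.9", "203.0.113.5", 750), # associated, at window edge
]

if __name__ == "__main__":
    for pkt, reason in retain(SAMPLE_BUFFER, SAMPLE_EVENTS):
        print(f"{pkt.ts:7.1f}  {pkt.src} -> {pkt.dst}  {reason}")
    for minutes in (5, 2):
        days = days_of_stored_events(64e12, 250, minutes * 60)
        print(f"+/- {minutes} min, 250 events/day, 64 TB: {days:.0f} days")
```
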
Investigating With Savvius Vigil
Select and refine
‒ Select by date range, event(s), or IP addresses
‒ Refine by source, severity, and other characteristics
Export and view packets
‒ Select time before and after event and whether to include packets in Associated Conversations
‒ Save and view in OmniPeek
‒ Save standard packet files
Savvius Vigil makes packets available for
immediate or long-term investigations.
Takeaways
Packets are critical to effective investigations
‒ “Packets don’t lie”
‒ Investigating a security event without access to packets means all evidence
is circumstantial and indirect
Most breaches aren’t discovered right away
‒ Storing packets for months requires intelligent packet storage
‒ Manually selecting which packets to store isn’t good enough
Savvius Vigil provides the answer
‒ Automatic, intelligent packet storage
‒ Organized access to relevant packets for immediate and long-term
investigations
‒ See packets before and after events
‒ A vital addition to your existing security infrastructure
Demonstration

The Changing Landscape in Network Performance Monitoring
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network Forensics
 
Omnipliance family - Powerful Precise Affordable
Omnipliance family - Powerful Precise AffordableOmnipliance family - Powerful Precise Affordable
Omnipliance family - Powerful Precise Affordable
 
Real-Time Visibility into High Speed Networks
Real-Time Visibility into High Speed NetworksReal-Time Visibility into High Speed Networks
Real-Time Visibility into High Speed Networks
 
Bringing Big Data Analytics to Network Monitoring
Bringing Big Data Analytics to Network MonitoringBringing Big Data Analytics to Network Monitoring
Bringing Big Data Analytics to Network Monitoring
 
Network Analysis Tips and Tricks with OmniPeek
Network Analysis Tips and Tricks with OmniPeekNetwork Analysis Tips and Tricks with OmniPeek
Network Analysis Tips and Tricks with OmniPeek
 
The blind spot in virtual servers - seeing with network analysis
The blind spot in virtual servers - seeing with network analysisThe blind spot in virtual servers - seeing with network analysis
The blind spot in virtual servers - seeing with network analysis
 
Introducing network analysis and data capture for 802.11ac
Introducing network analysis and data capture for 802.11acIntroducing network analysis and data capture for 802.11ac
Introducing network analysis and data capture for 802.11ac
 
802.11-2012 Update
802.11-2012 Update802.11-2012 Update
802.11-2012 Update
 
Real Packets from Virtual Servers
Real Packets from Virtual ServersReal Packets from Virtual Servers
Real Packets from Virtual Servers
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 

Introducing Savvius Vigil

  • 1. Savvius Vigil Enhancing Security Investigations With Critical Packet Data
  • 2. Corporate Overview: Savvius, Inc. Headquarters: San Francisco Bay Area. Customers: Over 7,000: U.S., EMEA, APAC. Founded: 1990. Formerly WildPackets. Mission: Create advanced, high-performance products that provide unprecedented insight into network performance issues and security incident investigations.
  • 3. Savvius Tools for Network Professionals: Software to view, analyze, and investigate. Network traffic capture and analytics appliances.
  • 4. Network Problems Occur in a Complex Environment. Diagram labels: Data Center (Authenticate, Call Manager, Secure WEB, CITRIX, App Delivery Controllers, APP servers, SQL Cluster, Oracle Cluster, Core Switch, Firewall); Remote Office and Corporate Campus (Access Points, Access Switch, Integrated Services Router, Wireless Controllers). What is the problem? Content? Performance? Connectivity? Delays, latency, slowness; network access, WLAN connects, intermittent drops; transaction verification, personnel, security.
  • 5. Traditional Approaches Don’t Work! Investigations “silo by silo” leave out critical insights. The network is the first one to be blamed! Silos: Computing Platforms (Database, Compute, Storage, Virtualization); Network (Wireless, Data Center, LAN, WAN); Application (Operations, Deployment, Test, Development); Security (Response, Detection, Forensics).
  • 6. Savvius Solutions (Product | Use | Traffic | Environment | Storage):
      Omnipliance | Packet Capture for Troubleshooting | Up to 16.5 Gbps | Data centers, remote offices | 4-128 TB
      Omnipliance WiFi | WLAN troubleshooting including 802.11ac | Up to 3.8 Gbps | Enterprise WLAN | 8 TB
      Savvius Vigil | Long-term packet storage for security investigations | IDS performance up to 9 Gbps | Cybersecurity infrastructure | 64 or 128 TB
      OmniPeek Professional | Software for Analytics and Troubleshooting | Platform Dependent | Portable Network Analysis | N/A
      OmniPeek Enterprise | High performance software for Analytics and Troubleshooting | Platform Dependent | Network Analysis | N/A
      Capture Engine For OmniPeek | Software for remote troubleshooting and analysis | Platform Dependent | Distributed | Platform Dependent
      USB WiFi Adapter for OmniPeek | WLAN adapter for portable analysis | 200 Mbps | Portable | N/A
  • 7. Global Customers: Financial, Education, Government, Health Care / Retail, Telecom, Technology
  • 8. Introducing Savvius Vigil. Employing decades of network forensics expertise to enhance security investigations. Network insight for performance and security
  • 9. Savvius Vigil does not prevent breaches. After all …
  • 10. … perimeter defenses have become quite sophisticated. But …
  • 11. perimeter security is never perfect. And …
  • 12. … breaches are expensive. Source: Pixlcloud
  • 13. Making packet data available for security investigations
  • 14. Five Savvius Vigil Assumptions: (1) You have assets to protect: financial information, patient records, confidential data. (2) Your perimeter isn’t perfect: your organization is penetrated right now. (3) Delayed discovery is inevitable: data breaches are typically discovered six months later. (4) Network packets are valuable: security investigations need more than logs and events. (5) You can’t store all network traffic: months of network traffic requires petabytes of storage.
  • 15. Savvius Vigil automatically extends the packet-enabled investigation window from hours to months.
  • 16. How Savvius Vigil Works: It starts with your SIEM’s intrusion detection (or selected IP addresses). An IDS/IPS generates events continuously: often for immediate investigation; each event includes a very limited amount of data. Too many events to investigate each one: IDS/IPS systems are tuned to match security team’s capability; “Breaches will slip by…” Diagram labels: Network Traffic, IDS/IPS, Events, IDS Console.
  • 17. How Savvius Vigil Works: Savvius Vigil uses IDS/IPS events to filter packets out of the network traffic. Integration with: HP ArcSight, Cisco FireSIGHT, Snort, Suricata. More added regularly. In addition, all traffic to high-value IP addresses can be stored. Diagram labels: Network Traffic, IDS/IPS, Events, IDS Console.
  • 18. How Savvius Vigil Works: Savvius Vigil buffers ALL network traffic (represented here by 6 IP addresses, IP #1 to IP #6, on a timeline from 5 minutes ago to now).
      Step 1: An IDS event comes in, alerting on two IP addresses.
      Step 2: All packets between those addresses for up to five minutes before and after (settable) are stored.
      Step 3: Packets to or from one of those IP addresses are also stored (“Associated Conversations”) if desired.
      Step 4: Packets that are not associated with either event IP address are ignored.
  • 19. Chart: Days of Stored Events. Axes: Days (0 to 1000) and Events/Day from IDS/IPS (0 to 1000); series: +/- 5 minutes and +/- 2 minutes. Note: Approximate, assuming 125 packets per second per conversation, 750 bytes per packet, multiple of 8.5 for Associated Conversations.
  • 20. Investigating With Savvius Vigil. Select and refine: select by date range, event(s), or IP addresses; refine by source, severity, and other characteristics. Export and view packets: select time before and after event and whether to include packets in Associated Conversations; save and view in OmniPeek; save standard packet files. Savvius Vigil makes packets available for immediate or long-term investigations.
  • 21. Takeaways. Packets are critical to effective investigations: “Packets don’t lie”; investigating a security event without access to packets means all evidence is circumstantial and indirect. Most breaches aren’t discovered right away: storing packets for months requires intelligent packet storage; manually selecting which packets to store isn’t good enough. Savvius Vigil provides the answer: automatic, intelligent packet storage; organized access to relevant packets for immediate and long-term investigations; see packets before and after events; a vital addition to your existing security infrastructure.
  • 22. Demonstration Network insight for performance and security
  • 23. Savvius Vigil Enhancing Security Investigations With Critical Packet Data

Editor's Notes

  1. Purpose: Teaching moment: Complexity has only increased; solving the problem of “why it’s slow” is still a major undertaking. Even having visibility into all of these elements of the network (using siloed tools) does not provide you with a quick answer to where the problem lies.
  2. Guide for using this slide: Key Purpose: The primary purpose of this slide is to challenge the traditional approach of a single tool for each silo and to show that the missing component is a focus on the end user’s delivery. Together these items can be thought of as the delivery fabric, and the amount of time that it takes the user to traverse these elements is typically not tracked. Story line: Despite the fact that the user interacts through all of these components, it’s typically the network that’s the first one to be blamed! That means that by default it’s the network team that’s responsible for End User Response Time (not by your choosing!).