Unisys Advanced Machine Learning Cyber Security Analytics presentation
Transcript of Unisys Advanced Machine Learning Cyber Security Analytics presentation
May 2017
Advanced Machine Learning Cyber Security Analytics
© 2017 Unisys Corporation. All rights reserved. 22
Unisys Builds Large Advanced Data Analytics Mission Critical Knowledge Environments
We process more than 1.3 Billion transactions a day and 700,000 queries a day predicting threats against the US.
Unisys has been supporting DHS for more than 15 years.
On a Typical Day, Department of Homeland Security-Customs and Border Protection (DHS-CBP)
• Processes 932,456 passengers and pedestrians
• Processes 64,483 truck, rail, and sea containers
• Seizes 13,717 pounds of drugs
Unisys Advanced Cyber Intelligence Platform
• Behavioral Anomaly Detection Models
– Models for the prediction of malicious network activity across the enterprise
– Works with your current Security information and event management (SIEM)
• Threat Intelligence Engine
– Models providing increased visibility into known threats
– Improved context and intelligence through the correlation of multiple threat feeds
– Unique partnership with Team Cymru, Recorded Future, Farsight and Unisys Intelligence Feeds
• Advanced Dynamic Microsegmentation Model
– Utilizes network data to provide near real time microsegmentation
– Integrates with most Software Designed Security (SDS) Solutions including Unisys Stealth
Our Cyber Intelligence Platform can easily be integrated with your current Security Operations Center (SOC) operations for increased security capabilities leveraging machine learning and predictive models
Cyber Intelligence Platform
Threat behavior use cases
• Reconnaissance
• Lateral movement
• Command and control
• Exfiltration
Discrete indicators of compromise
• IP address
• Host name
• URL
• UserID
• Hash
• Registry entry and file
Vulnerabilities
Compliance
Malware analysis
Open source intel
Industry licensed intel
Unisys-specific intel
Advanced Predictive Model API
MSS Cyber Threat Intelligence
• Normalization
• Threat actor tracking
• Attacker use cases
Managed Security Services (MSS) Cyber Threat Intelligence Team
Unisys Cyber Threat Intelligence Platform
Unisys SOC Network
Retail Bank Social and Dark Web Threat Intelligence
Business Problem
• Need for additional threat intelligence and context for risks to the enterprise
Business Benefits
• Physical threat to locations and executives
• Intelligence on dark web chatter specifically focused on the brand and banking threats in general
• Exposed network credentials, phishing attempts, CC numbers and advanced intelligence prior to events
• Integration with current SIM and security tools for easy implementation into existing processes
Our Solution
• Our unified social and dark web listening solution eliminates noise and provides a level of intelligence that has not been available before
Large Utility Client
Advanced ML and Predictive Threat Detection
Business Problem
• Ingest network data from existing SIEM tool and SOC environment to identify cyber threats before they occur
Business Benefits
• Identifying network anomalies for both external and internal threats near-real time
• Expanding the overall capabilities and time to action for the SOC and Security personnel
• Reduced false positives
• Identification of unknown malicious activities through advanced anomaly detection
Our Solution
• Our unified cyber security-risk platform, implementing machine-learning to provide a comprehensive cyber-threat defense capability
University Network Application Optimization
Business Problem
• Extreme network peaks and degradation in availability; unidentified issues causing network failure
Business Benefits
• Network behavioral models identify high demand peaks and application utilization
• Machine Learning helps to provide insights to predict potential network issues before they happen
• Optimization of hardware and cloud infrastructure investment to maintain network performance
Our Solution
• Our network anomaly detection models for applications and machine learning provide real time insights and predict patterns of usage through actionable intelligence
Thank you!
Learn more at: Unisys.com/CybersecurityAnalytics