Data is the glue that binds together our ability to perceive and mitigate Cyber Threats.
- (Attack) Pattern Definition – The Semantic foundation begins with the collection and / or predictive definition and provision of attack patterns.
- Dynamic Threat Correlation – Attack elements are correlated against patterns in real time to help determine both the threat level and potential actions. This becomes a pattern-matching exercise and, more importantly, one that occurs across multiple partner organizations.
- Dynamic Incident / Event Collection – Provides the ability to collect and synthesize attack data as attacks are occurring (for use both in immediate remediation and in later analysis and reconfiguration).
- Cyber COP – COP stands for ‘Common Operating Picture.’ The ability to build this atop a Semantic foundation allows for dynamic and community views as well as comprehensive activity aggregation.
- Cyber Enterprise Architecture (EA) – Enterprise Architecture is the blueprint for infrastructure environments as well as the software and analytics which are housed in those infrastructures. Our Cyber EA approach is built using the same focus on Semantics – allowing for coordination from the ground up.
- Mission Intelligence or Reporting / Cyber Health Dashboards – One thing that has become abundantly clear over the past decade is that Cyber Security is a time-sensitive activity and that traditional security analytics are painfully slow. To get ahead of the curve, there must be automated alerts and warnings built into our Cyber oversight mechanisms. This Cyber Health Dashboard can exist within or separate from a Common Operating Picture. The Cyber Health Dashboard allows individual security managers to catch activity in real time and then coordinate within their larger communities through collaboration to reduce the impact of the attacks.
Copyright 2012, Semantech Inc. All rights Reserved