catelas security & investigations
DESCRIPTION
TRANSCRIPT
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
Relationship Forensics
Security & Investigations
• Pro-active monitoring of anomalous behavior• Intelligent Discovery & Collection
Better Security… and faster, smarter investigations
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
The Insider Threat
Rather than be reactive, businesses may take to profiling employees based on behavior and other risk factors, such as whether the person is about to be laid off
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
Monitoring social media leaks
• Who are your high risk employees or contractors?
• Are their communications being monitored?
Are you monitoring potential security leaks to wikileaks, blogs, twitter or
facebook?
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
The ProblemThe current process
Challenges• No proactive monitoring • Investigations are disruptive and costly• Too much data / how to prioritize?
Current processes:…silo’ed, slow, search based, iterative & no big picture
Any Investigation ... • Little is known upfront• Involves many organizations, languages• Collection of data alerts the criminals• Time is money – the longer it drags on, the
more it costs
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
We don’t monitor the movement of sensitive data…. We identify anomalous
people behavior…
…and focus on their relevant communications.
Relationship Forensics
Do mis troa negativaj priskribo, veo norde grado kvintiliono do. Ali ke
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
Do mis troa negativaj priskribo, veo norde grado kvintiliono
veo norde grado kvintiliono do
veo norde grado kvintiliono do
veo norde grado kvintiliono do.
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
The ProblemA new paradigm
Imagine if… at any time you had…• Automatic visibility of the entire company’s
communications• Red flag alerts of suspicious activity• … proactively - before collection and
investigations begin
So you can…• Investigate quickly & conclusively• Negotiate / Resolve early in the
cycle• Demonstrate a comprehensive
Monitoring & Audit approach
Now…• Collection is more focused• Only 1% of email is
translated and reviewed
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
The ProblemWhat Catelas delivers
Pro-active monitoring Monitor entire company, focusing on risk anomalies and potential red flags
Intelligent Discovery Rapidly establish who and what information to collect, before collection
Deep-dive Investigations & Analytics
Direct the investigation to the relevant information. Provide link analysis to solve case
Reduced Security Risk; Significant (5X) Cost and Time Savings
Wnrd gntjk in mensv brtnt jkrserk
Wnrd gntjk in mensv brtnt jkrserk
Wnrd gntjk in mensv brtnt jkrserk
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
Typical deployment
Pro-active Monitoring & Intelligent Discovery
(Log File analysis)• Before Collection:…• Identify who is involved (from HQ)• Provide Early Case Intelligence report• Assess case importance• Define case strategy
Deep-dive Investigations & Analytics
(Native email analysis)• Deployed on laptop or remotely
accessed server• Prioritized review of communications
between key custodians• Key word analysis and network maps• Create case report for executive
review
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
Live DemoDemo
Copyright © 2011 Catelas Inc. All rights reserved Security & Investigations – Mar 2011
Thank You
Robert Levey978 996 [email protected]