Micro Focus Security, Risk and Governance Sneak Peek
Nick NikolsVP, StrategySecurity, Risk & Governance
Security, Risk & GovernanceMicro Focus Portfolio
DATA GOVERNANCE & PROTECTION
APPLICATION SECURITY
IDENTITY & ACCESS MANAGEMENT
ENDPOINT SECURITY
SECURITY OPERATIONS
INFORMATION ARCHIVING
ANALYTICS & MACHINE LEARNING
Sneak Peek - Endpoint Security
Darrin VandenBos
Product Manager, Endpoint Security
Unified Endpoint Management and Protection
Software Patching
Application Control
Wireless Access
USB and Hardware Communication
Disk and Data Encryption
Removable Storage Access
Personal Firewall
Inventory
Device Configuration
Asset Management
W
Software Delivery
Remote Management
10
OS Deployment
ZENworks
Workstations | LaptopsServers
Mobile Devices
WindowsMacLinuxiOS
Android
Innovation Focused on Mitigating Device Risk
IDENTIFY TRACK REMEDIATE
Patching Software VulnerabilitiesMitigating flaws in 3rd party commercial software
In 2018, the U.S. National Vulnerabilities Database added CVE IDs for over 16,000 potential security vulnerabilities
How do you know which CVEs impact your endpoints?
How do you prioritize so many vulnerabilities?
0
2000
4000
6000
8000
10000
12000
14000
16000
18000
2017 2018 2019
Total CVEs (2017 -2019)
High
Medium
Low
Patching Software Vulnerabilities…the ZENworks way
ZENworks retrieves NVD CVEs that are applicable to your devices
Each CVE displays its vulnerable device count
One-click remediation deploys required patches
Mitigating Overall Device Risk
Factors other than software vulnerabilities put devices at risk
How do you know the overall risk level?
How do you identify the devices that are most at risk?
Patch Currency
Software Vulnerabilities
Encryption Status
Last Contact Time
Anti-Malware Currency
Location Frequency
Operating System Version
XP
Mitigating Overall Device Risk…the ZENworks way
Select the risk factors that are important to you
ZENworks monitors the factors and calculates the device risk
You use ZENworks endpoint security to mitigate risks where possible
Patch Currency
Software Vulnerabilities
Encryption Status
Last Contact Time
Anti-Malware Currency
Location Frequency
Operating System Version
XP
Mitigating Device Risk through Behavior AnalyticsZENworks and Interset UEBA enabling intelligent endpoint detection and response
Abnormal behavior can be an indicator of a compromised device
How do you cut through the noise to identify and remediate the risk ?
INTERSETEstablishes normal
behavior for files copied to removable drives is
less than 20 MB per day
Detects anomalous copy of 200 GB
INTERSETGenerates risk
warning that displays in both Interset and ZENworks consoles
ZENWORKSEnforces automated
policy to lock down file copies on the device
Sneak Peek – Data Governance and Protection
Reiner Kappenberger
Product Lead, Data Security
Eric Popiel
Systems Engineering, Data Security
Data Protection Insight for Analytics and Compliance
Data Protection Events
Data Protection by Format/Field
Data Protection Details for Analytics
Discovering Sensitive Information in Rich Media
Unstructured PII Is Everywhere
Transactions
eMail Texts / Instant Messages
Photos
Audio Video
Drawings
How do you identify AND
protect it?
Micro Focus IDOLArtificial Intelligence analytics for Image, Video, Text, Audio
500+ Analytics Functions
150+ Data Repositories
1000+ Data Types
150+ Languages
30+ GDPR Grammars
PII document image identification
• Use key identifiers:
• OCR PII Entities
• Face detect
• Logo recognition
• Classification of document does not require exact match
Original
Analysed
Redacted
PII document image redaction
PII data redacted audio files
Face analysisFace detectionLocate all the faces in an image
Face demographicsGender, Ethnicity, Age identification
Face stateSpectacles, Facial expression, Eye locations
Face recognitionIdentify the person in a detected faceDecide whether two images depict the same person
Found “President Obama” Face
Face recognition and redaction
Simplify and Accelerate PII Compliance
Micro Focus IDOL = AI for PII Protection
Sneak Peek – Identity and Access Management
Chan Yoon
Product Lead, Access Management
Rick Wagner
Product Lead, Identity Governance and Administration
Tim Sedlack
Product Lead, Privileged Access Management
Access
SINGLE SIGN-ON
MOBILE ACCESS
ACCESS CONTROL
APPLICATION FEDERATION
ANALYTICSRISK-BASED
ACCESS
SOCIAL IDENTITY
CONSUMER ACCESS
API AND SERVICES ACCESS
MULTI-FACTOR AUTHENTICATION
SELF SERVICE
Integration with Interset UEBA
behavioral metrics
Independent Access Management risk
service
Automated user / role creation and removal for
SaaS platforms
Windows Hello for BusinessNational ID IntegrationsZero/Thin Client Support
Secure API Management for micro-services, REST based web services, IoT devices and legacy API systems
APIs Vulnerabilities are a Growing Focus of Outsiders
StarvaPanera
SalesforceUSPS
Venmo
Secure API Manager
Extends capability to secure micro-services, REST based web services, IoT devices and legacy API systems
Adds additional security, including risk-based access & step-up authentication for APIs & clients
Leverages Access Manager for Authentication & Authorization of APIs
Universal Policy Administrator
Universal Policy Administrator (UPA)Centralize policy management across the entire enterprise
Non domain-joined Windows
AD/GPO
• Unifies policy silos with a single normalized format
• Centralizes policy compliance and troubleshooting
• Provides policy change management and administrator delegation
• Addresses potential policy collisions and gaps
• Works natively
*dates and priorities are subject to change based on customer feedback.
Q4 2019*
1H 2020*2H 2020*
2021+*
UPA
Identity Governance and Administration
Governance Analytics – Decision SupportProviding Context to an Application Approval and Certification Review
Governance Analytics – Identity InspectionProviding Context to the Governance Administrators & Auditors
Governance Analytics – User Story LineProviding Context to the Governance Administrators & Auditors
Governance Analytics – Identity InspectionProviding Context to the Governance Administrators & Auditors
Governance Analytics – Unstructured DataProviding Identity Context for Unstructured Data
Sneak Peek – Application Security
Scott Johnson
Fearless Leader, Application Security
Innovation/Roadmap Themes
Integration Automation Agility
On-premise / On Demand
Fortify Ecosystem
Software Security Research
Static Analysis – SCA
Scan and Assess Source Code
Dynamic Analysis – WebInspect
Web Application Vuln Scanning
Runtime Analysis – App Defender
Application Protection & Monitoring
Fortify Development Lifecycle Integrations
IDEs CI/CD SERVERSBUILD TOOLS
TICKETING SYSTEMS
OPEN SOURCE
SOURCE CONTROL
DEVELOPER TRAINING
Plan/Govern
Operate/Monitor Deploy/Release
Develop/Test
Agile Development
Continuous Integration
Continuous Delivery
Product
One more thing…
AppSec ModernizationFortify as Infrastructure
Point/Pick your cloud provider
Pick your Fortify Solution(s)
Start Scanning with new or
latest version
Fortify SCA
Fortify SSC & Tools
Fortify WebInspect
YPC
Your Private Cloud
WebInspectAPI
CL I
AppSec ModernizationFortify as Infrastructure w/ Containerized DAST
AppSec ModernizationSAST Modular Scanning 2020
Dependencies Scanned
Rules
Application
SSC
AWB
Scan ApplicationGenerate RulesHigh Quality
Relevant Results
48
AppSec ModernizationDon’t forget the DAST
FortifyNexGen AppSec!
Sneak Peek – Security Operations
Michael Mychalczuk
Product Lead, Security Operations
Mario Daigle
Product Lead, Interset
Demo
Thank YouTo all of our Sponsors
Platinum
Gold
Silver
Passport to Prizes
1st prize: $1,000 AMEX gift card 2nd prize: $500 AMEX gift card 3rd prize: $250 AMEX gift card
Any Micro Focus station
Any Micro Focus station
Any Micro Focus station
Any Micro Focus station
Any Micro Focus station