2
Company Facts CYBERSECURITY AND ENTERPRISE THREAT MANAGEMENT SOLUTIONS
FORMED in 2012 on a 20 year legacy (Digital Sandbox, FlexPoint, NetCentrics)
EMPLOYEES: 350, 90% Cleared
COMPETENCIES: Cybersecurity, Information Assurance, Network Management, Advanced Threat Analytics, Innovation Management
3
Our Core ValuesValues-Driven Engineering
“We apply creative thinking, imaginative engineering, innovative technology, and thoughtful leadership to
improve the quality of life”
4
To help defend our customers from known and unknown threats to their
mission
Our mission
5
We Provide Actionable Intelligence ForDECISION MAKERS WHO
Protect critical infrastructure & key resources
Protect computer networks
Protect against loss from fraud
Protect people from natural hazards & human threats
Protect an enterprises ability to compete effectively
Manage responses to threats
6
We Bring New Thinking to our SolutionsBUILT ON INDUSTRY THOUGHT LEADERSHIP
Multiple patents for analyzing risks that are difficult to quantify
Pioneered secure multi-agency collaboration in the cloud
Pioneered risk based analytics and mobile apps to deliver insights directly to decision makers
Innovate on purposeTM consulting service enables organizations to innovate faster
Unique contextual real time streaming analytics platform in the cloud to enable situational awareness
7
Trusted by a Wide Range of OrganizationsTO PROVIDE INNOVATIVE THREAT MANAGEMENT SOLUTIONS
We are the de-facto standard for risk management for major
national events requiring multi-agency collaboration
We are used by 15 of the 20 largest urban areas to keep their
citizens & assets safe
We developed the protective intelligence methodology used by
the Bill & Melinda Gates Foundation
Deployed Nationwide for Threat & Risk Management
Trusted by Top Defense, Intel & Federal Civilian
AgenciesWe architected, manage & defend some of the most mission critical
networks in the US
We manage the largest enterprise-wide architecture &
worldwide deployments of SCCM & SCOM
We deployed the CIA’s first private cloud with AWS
8
Network Management & Cyber Threat Intelligence
9
No industry is immune, no level of technical sophistication is
sufficient
Real-time visibility & control over the entire at risk
environment is critical for CSO’s and CIO’s
All security breaches involve people and people are smarter
than rules
Status Quo: Perimeter Defense Isn’t SufficientRISK TO DATA AND MISSION CAPABILITIES
10
Why?
Target’s cyber intrusionand subsequent data theftis well known…
40 million – The number of credit and debit cards thieves stole from Target between Nov. 27 and Dec. 15, 2013
“They are bombarded with alerts”- Source Bloomberg
“The alert from FireEye labeled the threat with the generic name – malware.binary”
Source Bloomberg
Systems that generate too many false positives are a nuisance
Information needs to be prioritized and understood to be ACTIONABLE
The Problem: The Signal has become the noise!WHY BRUTE FORCE ANALYTICS DOESN’T WORK
Target’s cyber detection systemscaught the malware (FireEye)
“Target says it declined to act on early alert of cyber breach”
- Source Bloomberg
11
Prioritized Incidents/Threats
Catalog Assets Detect Threats Mitigate Vulnerabilities
Predict Risk
What is needed: Dynamic risk-based approach
Operating Systems
ApplicationsSwitches Routers IDS/IPS Firewall Web Servers
Event Logs, Correlation & Flow Data
Normalization & Categorization
Network, Asset & Identity Context
Real-Time
Collection, Normalization & Analysis
Unified IT Security & Risk Posture
Actionable Insight
Reduced Operational Effort
For Any Size Organization
12
System Hardening/App Protection/Secure Coding
Encr
ypti
on,
PK
I
Enterprise Services (DNS, DHCP, etc)
Secu
re S
yste
ms
Develo
pm
ent Life
cycle
External Mandates
Vulnerability Management
Universal Log Management
Sensors & Response
Universal Log Management
Software Configuration Management
Risk Management Platform
Correlation & Analysis
Asset & Network
Management
Network Access Control
Network & Access Management
Database of Asset Inventories
Our risk-based approach: Unified Threat ManagementTHE FOUNDATION FOR OUR CYBER THREAT INTELLIGENCE SOLUTIONS
13
BenefitsEnd-to-End Cyber Intelligence Platform for Situational Awareness & Analysis
Complete understanding of the overall at-risk environment to protect
Early detection of threats & ability to correlate to the at-risk environment
Dynamic risk-based prioritization of information identifies what is most important
Specialized cyber analyst-centric tools to support collaboration and digital cataloging of analysis workflows
Contextually integrate internal and external data sources
CSO, CISO Analyst
Infrastructure & Assets End Users
14
Brought the Pentagon back online post September 11 attack in less than 24 hours
Haystax NetCentricsMISSION CRITICAL NETWORK PROTECTION SERVICES
15
Public Safety & Enterprise Threat
Management
16
Broader visibility | Reduced Response times| Prioritized resource allocation
Profile overall enterprise threat
and risk
Monitor continuously and broadly against
that profile
Implement collaborative, dynamic situational awareness
Prioritize and route critical
information for action
Public Safety & Enterprise Threat ManagementENABLING RISK INFORMED DECISION MAKING
17
Contextual situational awareness anywhere
Swivel-chair situational awareness does not scale …and one
app
Into one screen
Haystax Analytics & visualization can put all the information that goes here
Informed Decision Making Needs ContextCONTEXT ENABLES DECISION MAKER TO UNDERSTAND ALL THE DATA
18
The Constellation Analytics PlatformTM
OPTIMIZES MACHINE AND HUMAN PROCESSING OF DATA
Low Priority Channels
Domain Ontology
NLP
Association Analysis
Scoring
Entity Resolution
Geo Reasoning
Data Collection & Pre-Processing
Analytic Processing
Archive DB Web
Mobile
3rd Party
Visual Interaction CanvasesAlerts Reports
MapTriage Timeline
Physical Assets/CIKR
HR DataCalls for Service
Enterprise Communications
Enterprise Data News & Social
Feeds
Network Alerts
Know & Act
Patent # 8874071
19
Decision Makers are Increasingly MobileACTIONABLE INTELLIGENCE BEYOND OFFICE WALLS
Powerful native apps with easy self configuration and usability
Reporting, Assessments & Monitoring seamlessly integrated
Secure online/offline data access from anywhere
20
Haystax Analytics Helps First RespondersBY SEAMLESSLY TYING INFORMATION TO THEIR OPERATIONAL PROCESS
Fuse data streams from existing systems into “channels” of prioritized operational information
Secure cross organization information sharing & collaboration
Unified system of records that can be accessed from anywhere, anytime
21
Haystax Analytics Helps CommandersBY PROVIDING CONTEXTUAL SITUATIONAL AWARENESS WHEREVER THEY ARE
Holistic presentation framework that optimizes based on device, role, location, time, context
Information is prioritized based on relevance to the user
User interface designed to focus user to hot spots and key alerts
22
Monitor categorized & prioritized data feeds from multiple sources
Make predictions based on trends and intensity of data
Use dynamically generated profiles of to discover links & associations
Haystax Analytics Helps Analysts BY MAKING IT EASY TO INTERACT WITH REAL TIME DATA IN REAL TIME
23
In the command center Forward deployed Mobile Apps
>25 mile radius monitored
312 events monitored
50+ agencies collaborated
600 real-time data feeds
238 assets protected
345 incidentsmanaged
RESULTS FROM SUPER BOWL XLVIII
Haystax Analytics in ActionLAST FIVE SUPER BOWLS
24
Haystax provides the analytic back-bone for total situational awareness
100% cloud based
Integrates hundreds of real time information sources across the state
Information is prioritized and routed automatically to personnel on the ground as needed
State-wide situational awareness from one screen
Haystax Analytics in ActionCalifornia Emergency Operations Center
25
Critical information is available in under a minute v. over an hour
Uses Haystax as the platform for managing risk based data on physical structures and improving first responder actions
100% cloud based
Mobile apps for data collection and field reporting
Leverages Haystax’s ability to secure critical private sector data and secure sharing of information between private and public sectors
Haystax Analytics in ActionHouston
26
Incident Reporting & Event Tracking
Contextual Monitoring of Threats & Risks
Nationwide School Safety POWERED BY OUR ANALYTIC PLATFORM
School Safety Master Data Management
.
27
Innovation
28
29
We are advancing the status quo in threat analytics with innovative techniques & technologies
Designing elegant solutions for complex
analytic challenges
Our visualizations enable informed decision making
Our patented prioritization algorithms excel where the noise to signal ratio is high
Our ‘whole person’ Bayesian model specializes in behavioral threat detection
30
Bayesian model designed to solve high noise-to-signal data problems
Automatically aligns alert quality to available investigation resources
Eliminates scaling problems of traditional rules based systems
Our Response to Traditional Brute Force Enterprise Threat AnalyticsCARBON
31
How Carbon WorksMATHEMATICAL MODELING OF EXPERTS + RISK RANKING + CONTINOUS EVALUATION =
AUTOMATED THREAT AWARENESS
Background Check
Peers & Family
$Financial Records Public
Records
HR Recor
d
Web and Social Media
+ =
Experts Data
Continuously prioritized risk based ranking
32
Carbon is a Threat Optimization SolutionIT DOES NOT REMOVE ALERTS, JUST TELLS YOU WHICH ARE IMPORTANT AND WHY
Automated continuous evaluation and re-prioritization enables sustained success
Can be deployed on top of 3rd party alerting products
33
Carbon Value PropositionSTOP LOOKING AT ALERTS, START ACTING ON THEM BY KNOWING YOUR RISK
Up to 10x improvements in investigation productivity
Separates the critical from the mass and lets the analyst know
Full traceability from results to the source data
Compare subject to peer groups and
historic changes in risk profile
34
EXPERTISE: Enabling Enterprise Clouds Without the DramaHAYSTAX CANOPY CLOUD ACCELERATORS ARE THE FASTEST WAY TO A SECURE CLOUD
Cloud enable Microsoft to any cloud
90 days, fixed cost none to done guarantee
Microsoft Gold Certified Partner
Selected by Microsoft to build their reference Azure package for the US Intel Community
35
INNOVATE ON PURPOSETM: OVO EXPERTS WORKING TO REINVIGORATE INNOVATION SKILLS, INSIGHTS AND
COMPETENCIES IN ANY ORGANIZATION
Proven “Innovate on Purpose” methodology
Innovation change management consulting
Rapid disruptive innovation workshops
36
R&D: Haystax Technology AcceleratorDRIVEN TO INNOVATE AND BRING TO MARKET DISTRUPTIVE PRODUCTS
Develop advanced concepts
Focus on solving the “really hard” problems
Advance the state of the art through agile, out-of-the-box thinking
37
Haystax in the News
38
39
Thank You
Haystax Technology8251 Greensboro DriveSuite 1111McLean, VA 22102(202) [email protected]
Top Related