Scribd Logo
Upload

Welcome to Scribd!

  • Blade Logic

    Uploaded by

    Anonymous TnmRw4OAmX
    10 views70 pages
    blad

    Original Title

    BladeLogic

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    blad

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    10 views70 pages

    Blade Logic

    Uploaded by

    Anonymous TnmRw4OAmX
    blad

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 70

    BladeLogic 8.

    7:
    SecOps Demo

    Mitchell Sherfey
    Principal Product Manager – Data Center Automation
    mitchell_sherfey@bmc.com
    © Copyright 2014 BMC Software, Inc. 1
    175,492,082
    Records Reported Breached so far in 2015

    $5.3 Million
    71,9
    Average Cost of Data Breach (Up 15%)

    51
    Total Count of CVEs (October 8, 2015)
    © Copyright 2014 BMC Software, Inc. Source: NOPSEC 2015 State of Vulnerability Risk Management 2
    So Why Do Breaches Still Happen?

    43%
    Coverage – you can’t
    patch what you don’t
    know
    of companies have Downtime – hard to
    had a data breech schedule maintenance
    times with users
    Complexity –
    dependencies make it
    hard to isolate actions
    © Copyright 2014 BMC Software, Inc. 3
    Most Breaches Exploit Known Vulnerabilities

    80% 99.9%

    ATTACKS FIX READY


    More than 80% of attacks 99.9% of exploits were
    target known vulnerabilities compromised over a year
    © Copyright 2014 BMC Software, Inc. after the CVE was published 4
    © Copyright 2014 BMC Software, Inc. The Security Operations (SecOps) Gap 5
    Vulnerability Scan Reports
     1000+ page reports

     Difficult to action
     No linkages into remediation

     Audit trails are a series of screen shots

     Not tied to Change Management

    © Copyright 2014 BMC Software, Inc. 6


    SecOps Workflow
    VULNERABILITIES
    VULNERABILITIES REPORT
    REPORT COMPLIANCE
    COMPLIANCE
    SECURITY DISCOVERED
    DISCOVERED
    WITH
    WITHSCANS
    SCANS
    CREATED
    CREATED
    SENT
    SENTTO
    TOOPS
    OPS
    EXTRA
    EXTRACHANGE
    CHANGE
    DOCUMENTATION
    DOCUMENTATION
    VERIFIED
    VERIFIED
    COMPLIANCE
    COMPLIANCE
    REPORTING
    REPORTING

    OPS
    OPSDIGESTS
    DIGESTS REMEDIATION
    REMEDIATION
    OPS
    REPORT
    REPORTAND
    AND CHANGE
    CHANGETICKET
    TICKET CAB
    CABAPROVAL
    APROVAL REMEDIATION
    REMEDIATION CHANGE
    CHANGETICKET
    TICKET
    ANALYSIS
    ANALYSISAND
    AND
    PLANS
    PLANS OPENED
    OPENEDMANUALLY
    MANUALLY (DUE
    (DUETO
    TORISK)
    RISK) EXECUTED
    EXECUTED CLOSED
    CLOSED
    BUILD
    BUILD
    WORK
    WORK

    For every 500


    APP
    APPTEAMS
    TEAMS POTENTIALLY
    POTENTIALLY
    Servers 1 FTE
    Digests Report and APPs GETTING
    GETTING
    EXCEPTIONS
    EXCEPTIONS
    MANY
    MANY
    APPROVALS
    APPROVALS
    Plans Remediation

    Handled Manually Each Each Approver Slows


    Exception is 2-3 Hrs, Exceptions Process – More Risk
    are 2-3 per server per quarter More Approvers
    © Copyright 2014 BMC Software, Inc. 7
    SecOps Workflow
    VULNERABILITIES
    VULNERABILITIES REPORT
    REPORT COMPLIANCE
    COMPLIANCE
    SECURITY DISCOVERED
    DISCOVERED
    WITH
    WITHSCANS
    SCANS
    CREATED
    CREATED
    SENT
    SENTTO
    TOOPS
    OPS
    EXTRA
    EXTRACHANGE
    CHANGE
    DOCUMENTATION
    DOCUMENTATION
    VERIFIED
    VERIFIED
    COMPLIANCE
    COMPLIANCE
    REPORTING
    REPORTING

    OPS
    OPSDIGESTS
    DIGESTS REMEDIATION
    REMEDIATION
    OPS
    REPORT
    REPORTAND
    AND CHANGE
    CHANGETICKET
    TICKET CAB
    CABAPROVAL
    APROVAL REMEDIATION
    REMEDIATION CHANGE
    CHANGETICKET
    TICKET
    ANALYSIS
    ANALYSISAND
    AND
    PLANS
    PLANS OPENED
    OPENEDMANUALLY
    MANUALLY (DUE
    (DUETO
    TORISK)
    RISK) EXECUTED
    EXECUTED CLOSED
    CLOSED
    BUILD
    BUILD
    WORK
    WORK

    For every 500


    Servers 1 FTE
    APP
    APPTEAMS
    TEAMS POTENTIALLY
    POTENTIALLY NOW AUTOMATED
    Digests Report and APPs GETTING
    GETTING
    EXCEPTIONS
    EXCEPTIONS
    MANY
    MANY
    APPROVALS
    APPROVALS
    Plans Remediation

    Handled Manually Each Each Approver Slows


    Exception is 2-3 Hrs, Exceptions Process – More Risk
    are 2-3 per server per quarter More Approvers
    © Copyright 2014 BMC Software, Inc. 8
    SecOps in BladeLogic 8.7
    Reduce vulnerabilities by reducing
    Click to add picture SecOps friction

    • Automatic correlation of Qualys/Nessus


    discovered vulnerabilities and BSA patches
    — Most high severity vulnerabilities out of
    the box
    • Framework for manual association of
    actions
    — Config or validation actions

    • Direct integration with Change


    Management

    © Copyright 2014 BMC Software, Inc. 9


    What’s New in BladeLogic 8.7?
    • Integrated into BladeLogic Portal
    • Nessus support
    • Honors BSA RBAC
    • “Elastic search” for near
    immediate searching
    • Support for complex many-to-
    one relationships
    • Remediation and Assets

    © Copyright 2014 BMC Software, Inc. 10


    Demo: See It For Yourself!

    © Copyright 2014 BMC Software, Inc. 11


    Remediate Scans

    © Copyright 2014 BMC Software, Inc. 12


    © Copyright 2014 BMC Software, Inc. 13
    © Copyright 2014 BMC Software, Inc. 14
    © Copyright 2014 BMC Software, Inc. 15
    © Copyright 2014 BMC Software, Inc. 16
    © Copyright 2014 BMC Software, Inc. 17
    © Copyright 2014 BMC Software, Inc. 18
    © Copyright 2014 BMC Software, Inc. 19
    © Copyright 2014 BMC Software, Inc. 20
    © Copyright 2014 BMC Software, Inc. 21
    © Copyright 2014 BMC Software, Inc. 22
    © Copyright 2014 BMC Software, Inc. 23
    © Copyright 2014 BMC Software, Inc. 24
    © Copyright 2014 BMC Software, Inc. 25
    © Copyright 2014 BMC Software, Inc. 26
    © Copyright 2014 BMC Software, Inc. 27
    © Copyright 2014 BMC Software, Inc. 28
    © Copyright 2014 BMC Software, Inc. 29
    © Copyright 2014 BMC Software, Inc. 30
    © Copyright 2014 BMC Software, Inc. 31
    © Copyright 2014 BMC Software, Inc. 32
    © Copyright 2014 BMC Software, Inc. 33
    © Copyright 2014 BMC Software, Inc. 34
    © Copyright 2014 BMC Software, Inc. 35
    Import Scans

    © Copyright 2014 BMC Software, Inc. 36


    © Copyright 2014 BMC Software, Inc. 37
    © Copyright 2014 BMC Software, Inc. 38
    © Copyright 2014 BMC Software, Inc. 39
    © Copyright 2014 BMC Software, Inc. 40
    © Copyright 2014 BMC Software, Inc. 41
    Map Assets

    © Copyright 2014 BMC Software, Inc. 42


    © Copyright 2014 BMC Software, Inc. 43
    © Copyright 2014 BMC Software, Inc. 44
    © Copyright 2014 BMC Software, Inc. 45
    © Copyright 2014 BMC Software, Inc. 46
    © Copyright 2014 BMC Software, Inc. 47
    © Copyright 2014 BMC Software, Inc. 48
    © Copyright 2014 BMC Software, Inc. 49
    © Copyright 2014 BMC Software, Inc. 50
    © Copyright 2014 BMC Software, Inc. 51
    © Copyright 2014 BMC Software, Inc. 52
    Map Vulnerabilities

    © Copyright 2014 BMC Software, Inc. 53


    © Copyright 2014 BMC Software, Inc. 54
    © Copyright 2014 BMC Software, Inc. 55
    © Copyright 2014 BMC Software, Inc. 56
    © Copyright 2014 BMC Software, Inc. 57
    © Copyright 2014 BMC Software, Inc. 58
    © Copyright 2014 BMC Software, Inc. 59
    © Copyright 2014 BMC Software, Inc. 60
    Set the Foundation

    © Copyright 2014 BMC Software, Inc. 61


    © Copyright 2014 BMC Software, Inc. 62
    © Copyright 2014 BMC Software, Inc. 63
    © Copyright 2014 BMC Software, Inc. 64
    © Copyright 2014 BMC Software, Inc. 65
    Assign Asset Groups

    © Copyright 2014 BMC Software, Inc. 66


    © Copyright 2014 BMC Software, Inc. 67
    © Copyright 2014 BMC Software, Inc. 68
    BMC BladeLogic 8.7
    Bridging Agility and Security
    Learn more at www.bmc.com/secops

    • Download the Face the Facts of


    Compliance paper
    • Watch the State of Michigan success story
    video
    • Learn more about new features of
    BladeLogic 8.7 and closing the SecOps gap
    © Copyright 2014 BMC Software, Inc. 69
    Thank You —

    Bring IT to Life.™

    © Copyright 2014 BMC Software, Inc. 70

    You might also like