Know what you’re up against with detailed analytics. Managed Security Services-Analytics PTE16524 1/17

Verizon Advanced Threat Detection with Data Security Analytics



Cybersecurity has never been more complicated or more important.

The complexity of managing these challenges is increasing awareness and fueling spending.

Security challenges

Vendor overload

Skills shortage

Regulatory pressure

New digital ecosystems

Disruptive business models

Mobility

Cloud

Cyber crime


Managed Security Services overview

Security analytics

• Log monitoring

• Threat detection and alerting

• Event and incident identification, correlation

Device management

• Device availability and monitoring

• Device health management

• Device maintenance

• Patching

• Troubleshooting

• Backup and restore

Application management

• Application configuration

• Application change control

Together our services can help you handle the complexity of modern IT security.


Good analytics is a business enabler.

When we say analytics, we don’t just mean after-the-fact data interpretation. We go beyond to provide heuristics and correlation analysis. Our security analytics let you store, interact with, monitor and visualize log files, network flows and IP packets—all in near-real time.


Analytics example: Finding the needle


Our process and team

Analytics engine

Solutions architect

Intelligence

Verizon Cyber Intelligence Center

Intel feed

Use cases

Tuning

Threat library

Data

Customer business and assets

Security Operations Center (SOC)

Alerts

Response and analytics

Escalation

Reviews

Metrics/reporting

Security Services Advisor

Scoping and design

Pre-sales


Monitoring and reporting


Comprehensive threat analysis

Our advanced architecture allows for fast incident detection by:

• Correlating customer data from multiple sources to identify threat patterns

• Correlating cross-customer data

• Incorporating SOC analyst feedback

• Generating analytics over a large data set

• Improving the quality of collected data

• Connecting to third-party tools to adapt to a changing threat landscape

PIP Connection

Verizon intake

Data relay

Norm and enrich

Splunk analytics

Verizon Analytics (SEAM)

Big Data platform

Portal

Operations

Customer LEC

Health and availability management

Security data pushed and fetched

Connection kit

Private IP connection

Operations dashboard

Ticketing system


Threat management statistics

12,400,753,304 events received in August 2015 from customer devices and processed into incidents

3,392,878 incidents generated from these events

52,949 incidents investigated by Managed Security Services

12,463 incidents escalated to customers. 72% were manually escalated by our team

One incident investigated about every 50 seconds by the SOC; 14.5 minutes was the median time to escalate a new incident to a customer

The value of our threat monitoring and management platform.


Pay for what you send: Our tiered pricing model

Data usage monitored by peak per day.

1–10GB 11–50GB 51–100GB 101–200GB 201–500GB

Non-recurring charges also apply.


Improve your incident detection.

Verizon security analytics help you:

Enhance your situational awareness.

Improve your security posture.

Control costs by relying on our team of experts and our analytics platform rather than hiring and training an in-house team.

See beyond traditional network and edge threats with our continuously developed threat analytics use cases.

Close the gap between time of compromise and time to discover.


Why should you choose Verizon?

1. Network

• One of the largest global IP networks in the world

• Insight into a large portion of the world’s internet data

2. Tools and assets

• Global SOC environment

• Tailored operational processes and expert security knowledge

• Billions of events analyzed, correlated and assessed

3. Framework

• The VERIS (Vocabulary for Event Recording and Incident Sharing) framework

4. Cyber risk insights

• Over 100k incidents analyzed in our 2016 Data Breach Investigations Report

• Nearly 70 different contributing organizations

• Over a decade of data

5. Cyber risk response and prevention

• Professional Services providing extensive security intelligence


Our integrated portfolio delivers the connected world.

Verizon Application Delivery Platforms

Managed Services Platform

Global scale On demand Utility based Integrated

Data Center Services

Cybersecurity Analytics

Network Operations Portals Professional Services

Network as a Service

IoT Contact Center

Unified Comms

Secure global network platform

People and things

Cloud services

Secure Cloud Interconnect

4G LTE

Ethernet


Professional services

Consulting services

Implementation and integration

Operations and lifecycle support

Expertise at each stage of the threat life cycle.

Investigative Response (IR)

Improve your reaction time to even the most sophisticated attacks with the help of our Research, Investigations, Solutions and Knowledge (RISK) Team. We can help you identify the source, contain it and verify the extent of losses—all to help limit the impact to your organization and your customers.

Incident Packet Analytics (IPA)

Service within Rapid Response Retainer, to be released 1H 2017.


Thank you.


Appendix


Pulling intelligence from raw data

Data can hide valuable insight. With a connection kit or through Private IP connection, Verizon MSS-Analytics can consume multiple types of data.


Our security portfolio

Security Lifecycle Consulting

• Risk Assessment

• Governance, Risk and Compliance

• Security Strategy and Implementation

• Endpoint and Mobile Security

• Identity and Access Management Consulting

• Advanced Intelligence Subscription

• Testing and Certification (ICSA Labs)

Security Monitoring and Operations

• Security Device and Application Management

• Advanced Threat Detection and Response

• Outsourced SIEM Management

• Advanced Threat Hunting and Intelligence

• Certificate, Identity and Access Management Services

Network and Gateway Security

• Security Gateway Solutions

• DDoS Mitigation

• Recursive DNS

• Network Traffic Analytics

• Application Management

Incident Response

• Cyber Breach and IT Investigations

• Incident Response Planning

• eDiscovery and Litigation Support


Secure Cloud Interconnect and other complementary solutions

• Intelligent Cloud Control: powered by Turbonomic. Maintain high performance by managing select public cloud workloads through a single interface

• Managed Security Services Cloud: Shared firewall platform. Provides granular controls and log analytics on all connections

• SnapLogic: Provides data integration services between multiple cloud service provider applications as well as between cloud-based apps and premises-based apps

Access a suite of solutions to help your enterprise maintain high levels of control, performance, security and efficiency.

Verizon Private IP/Private WAN

Verizon Wireless

MSS

Intelligent Cloud Control


Secure Cloud Interconnect value-added security features

Managed Security Features

• MSS Staging (project managed policy and deployment)

• 24x7 SOC Policy Management and Review

• 24x7 Device Change Management

• Full Security Event Logging / Retained for 12 months

• Health monitoring

• 24x7 security incident monitoring and escalation

• Security incident correlation with other MSS Premium services

• Security Solutions Advisor support

• Security and Compliance dashboard access

Service Offerings

1. Firewall only

Stateful Firewall (SRC, DST, Port)

• Custom NAT

• User Authentication

• Site-Site IPSEC VPN (to CSP IPs)

2. Firewall with IPDS (Launching 2017)

• Intrusion Detection

• Intrusion Prevention


Designed with the public sector in mind.

• U.S. Federal-dedicated and CONUS/critical national infrastructure-dedicated SOC

– Cleared U.S. security analyst

• Critical infrastructure-grade security boundary and operational processes

• Infrastructure is built to the FISMA High level

– Includes air-gapped capability for a logical and physical separation from commercial


Types of service level agreements

Managed Security Services–Premises (Premium Service Level)

Managed Security Services–Analytics

Health report

Critical security upgrades

Device availability report Security incident ticket