- OCIO Presentation - EDR Offering
- Jess Flaherty - Local Government Program Management - 515-380-3765
- Dan Powers - Security Operations manager
- EDR via CrowdStrike Falcon
- SOC (Security Operations Center) services
- Overview of all CrowdStrike Falcon modules included
- Overview of SOC services
- Service is $98.88/year/device
- 3-year contract, but can be canceled each year.
- To get started, email:
- Jess Flaherty - Local Government Program Management - 515-380-3765
- Tech Check-in go-around.
- Weapons detection on Video surveillance.
Good. How are you? Excellent! Excellent already? So let me just get set up here Welcome everybody to the December eighth edition of technology Check. In thanks. everyone, for showing today. Understand that? you know, some schools closing early, due impending weather coming in. I sleep stuff on it so that might have adjusted our live participation a little bit, but wanted was at meeting great prairie. Aye, yesterday, with their superintendents, and tech directors joint it, from Ocio office, is one presenters it. And so, after she got done present presentation, turn around cornered her, said, Hey, what doing tomorrow one? luckily had time free, last minute part think you'll probably do better Job explaining why you're here. i'm gonna over Jess now we can't hear double muted myself sorry. Hi! jeff clerty ocio it's meet guys if couldn't tell already not backgrounds, work State centralized. It. Department which i'll talk bit more about in moment my role Oc. local government program manager world. Also includes education nonprofit friends as well. could be billy face programs services offer those groups government's, institutions, nonprofits State. will jump, right into presentation very long. It's also informal when please feel free interrupt go questions. brought Dan Powers along me. give him 1 s Dan. introduce yourself. Security Operation Center he has technical background don't have. expand your hi, guys, I'm powers security operation information Iowa. I've been 10 years staff well close 40 people inside general roles all way cybersecurity analysts engineers outreach project management, forth. answer any questions regarding services, we'll there awesome. Thanks, really excited earlier this fiscal year, say ventured new world nonprofit. like mentioned before, centralized agencies. provide support them means standards, cybersecurity. Obviously, agency planning enterprise-wide, then keep procurement However, were established, given authority through Iowa code. 
Chapter 8 B serve other branches governments, education, nonprofits. started out 9 ago. We working governments area county auditors offices they could. assist standards. election we've expanded partners. business or customers city space. But saw need heard school district across would put purpose together. makes sense district, scalable. You can adjust service districts, service. It 2 main components. endpoint detection response tool. use crowd strike software crowds package have, operations center well, where biggest bang buck state services. obviously hit financial impacts last. point, tool mentioned, strikes. This detects known unknown. The cyber attacks computer servers devices. may install network Crowd Strike next generation. Edr real-time industry data event an incident getting telemetry multi-tenancy falcon package, most expansive 6 key Falcon series. components again If go. first permiss, basic Edr. monitoring preventing malicious processes commands piece edr prevent know gets installed device. going run background. constantly. doesn't end users, unless click something, activity happening device, how contain devices, running background, constantly device anything looks suspicious nature. second component spotlight. vulnerability scanning scan devices strikes on, looking vulnerabilities multiple vulnerabilities. That's that's normal daily spotlight does scans devices? lists vulnerabilities, prioritizes you. vulnerable highest priority want patch still action step. take inform powerful high address per self discover third, inventory user management. When participating With prospect, read access console. dashboard there's different points. There, there'll training involved proceed includes, dashboard. pieces management list checking strike. see check kind deliver drill deeper necessary, case incident. we're phone because alert both pull same screen time. look what's reporting helpful infinite response. remediation hey? Jeff: Yeah, ask quick question. 
Maybe question was, list, providing host names that. determining whether quarantined. ability ourselves Once Vm. quarantined unquarantine removed threat something only initially line, it'll Rm. Initially. crawl, walk, scenario system. beginning walking crawl actually, us control permission ahead contained, remember containment, talking back crowds. right? Council else its things, once uncontained wherever gotta Internet. Your whatever. let's cause scenarios is. cannot hold hope decide quarantine console ones quarantine, certainly Yup, will. You'll notify there. again, server, deemed, critical. won't I'll Great Okay. fourth crest, stopping series watch. watches another layer eyes land Professionals watching critical level alerts instance. parent instance, education. they're iowa Crowdstre looked that, alerts. contact. us, contact customers. Directly, alerting contacting than ours customer directly. higher call for. level. watch additional eyes. crazy happening. photobias self-in control. safe. Usb usage use. Use view uses. these flash drives shutting down. USB ports USB. For easy transfer monitor USB: sixth Act. intelligence data. professionals gathering hacker group, indicators compass, sharing mitigate risk. specific seen, crowds, seeing mean, partners share gather data, much risk possibly can. 30 operations. said believe thoroughly bank buck, lots places. go, purchase software. On own vendors Er besides nothing. route telling good enough. What differentiates able move forward Operations Center, 24 7. team people. They report dance system alert, there, you, begin process. alert. types experts employ Iowa, thought. Then again. Please damned expertise. response, step in, out, works. here, he's guy too. employees tier tier. analysts. front line They're activity. taking necessary action. On. they'll initiate email depends type escalate necessary. help med meditates analyst investigate emerging threats advise mitigation efforts. collecting talked X groups. closely FBI. 
Obviously Federal partner Where indicators? compromise attack using helping team. collectively towards threats. engineers. architect tools implementation. point escalation These pulled away. There tenure seen definitely calling doing, times, other, cool actually making sure risks know. Malicious command. Y. Z. make oversimplifying doing. implement way. group governance compliance Again, collaborate things audits, policies. Remediation sock coordination others like, example, Msisack. worry Okay, under stadiumbrella limited being under, umbrella Ms. Isack, who tens thousands. clients they're, monitoring, therefore analyzing statewide Msisc Siza Another third party. National Administration, FBI, participate msi sax Albert program. Here. strong relationship them, said. party feeds far threatened. Intel. products called recorded future minor landscape basically there? receive daily. Our hunting now. Takes takes determinants. environment capabilities strike, actual searching compromise, forth, depending severity lot. Of course, related patching apparently focus 0 day thread actors During during elections high, potential bad actors, having communication Msi sec. So. detailed Sec. Device collects lot no doubt almost 50 States, down good. Which roll Sizza money feds scissor works similar regard diversed world, uses benefits. wild, anytime. tool, Ids Ips is, fire. whatever traffic actor. Keep eye or, learning, Landon. so. dedicated Now didn't always. stood months 3 role. heavy mean comes us. haystack find needle ted say, That try automate can, automated mode, overwhelming amount thank awesome urgent include containment land. asked earlier. ability, individual choose onboard service, discovery inventory. collect covering every single indicate completely deem contained automatically. before yes, automatically spread network. sending picking initiate. incident, questions, exactly like. stay jump virtual hangout, hour. 
depend comfort moving available send walk then, alerts, Chief Information Officer. He experience worked States. He's space college benefit brings versed fever insurance legal terminology companies them. insurance. Sometimes over, need, handle sometimes cases, medium low. ahead. promise stop interrupting remediation. client identified nicely, determine production removed. Or like? No, figure How? We're learning long scope. ever identical. Some campaigns pretty idea using, investigation. trying print provided by push apologize. Yes, automatic. person, box. prevention phases kill chain Kill chain. Can weaponize delivery chain? unwanted hack downloading malware l dump windows memory particular endpoint, allow alerted. call, cause. did vector? vector in? Was email? was? actions perpetrator endpoint? anything, prepared for? To Assuming usually happens post event. visibility available, logs, log logs windows, maybe d firewall, Pretty much. Raw Sam hand, connected Sim, diligence critic initial patient happened protection places you've should place yup welcome Perfect. cover real low Alerts Patrick learn environment, false positives phase implementation phase, one. automatic preventative blocking tells here's block phases. over. We'll one, regularly through. Those. understanding truly pup background? program, 2. partial preventative. modes significant partially thing. week 2, district. At full thing 3. standpoint. reach quarterly then. regular onboarding problem otherwise You, however, network, concerns, unusual always 31 number. address. Are assuming Still, happen board right. understand, deployment running, applications running. Do child, bring even happen, server. something. contract, big deal because, phase. rate. rate 98, 88 year $100 scalable, haven't caught already. Landon signed mo waiting patiently but, CEO Cio sign onboarding. decide. 4 districts Mo. used Land, 44 checked morning largest far. pk 5 couple 20 range. suggest scaling. 
start kingdom, will, this, considering administration superintendents building administrators, administrative assistance nurses great. officers. pet anybody student personal Hr consider. Second, consider teachers faculty. Anyone road. Quite ways students, realize segregation between students decision cost examples book chose scale logistics. forward, overview depth Dan, someone his join Thes. memorandum agreement who's responsible lays payment invoice year. rate, mou locked renew. gives years, cancel term. written notice throughout term, increase loving working, 20. notice. process filled. prorated remainder term choose, logistical h discovery. Call Mou, understand Ask bumps road hitting future. start, smooth possible. Movu signed. official. boarding. child. Incense bid installation. select pilot Linux case. Just rest base. logistics interested dan happy entertain got, slide deck Pdf. group. sender. number Alright, sounds copy channel, yeah. wanna product about. previous product. Is a? threat? Feed external ip feed district's Ip accessing done. crossed bridge yet, Tons we'd Sid endpoints you'd capable okay, plan offering cause? Oh, fishing limitations request leadership Shane, Officer, others. Consult cfo cio. security, awareness training. fishing. Testing. Excuse agencies, agencies built sense. works, translate create red tape created. requested of. at. proof points, thunder. perfect agency. now, whose short fixes prenegotiated contracts. procure contracts, premium negotiated rates terms conditions negotiated, immediately am pushing up. stand alone everything scale, included offerings K. 12, added currently discuss. availability staffed afraid ids example. weight connects sock. Shane One web application, firewall. multi-factor, authentication counties funding Government Arp mfa circle harder Right? I, client. client, crowd. Strike. Well, dan's difficult out. becoming giant this. Especially Mfa. side, primarily, application firewall side come. 
journey to, government. yeah, else. many schools. anyone comments, good, reiterate Guys sleeping night. things. sleep. Get bed, beneficial. glass knock ransomort attack. agnostic vendors. care fire eye, flavor defender. prevent. win paying necessarily yeah systems machines visibility. entry app around. appointment via though factors account Mfa websites vulnerable, fish, fair text visibility, least level, to? advantage vacation lateral movement fun do, Why, segmentation office operating segmented better. discussion internally segment today, beneficial notes recording imagine, bet. we? danned power Get. help, board. Sounds guys. No price clients. accounts reality infrastructure. broke quickly. i'd slip head machines. pay it'd substantially content filtering content, antivirus. Other that'd hard left. agree. curious compares Msisac ess Already backtrack no, comparable Scott. i've pricing, different, sack I. standpoint different. msis sect product, fine. to. posted, martin yard thing, too, bought things? go? Holy crap. assessment separate conversation. assessment. buy licenses supposedly whole totally aware wouldn't. wouldn't either sitting thinking, listening person they? acting middleman informing sounded rude. informed, direct agent sends sock, sees disseminates sec opposite. runs Sax Msisack soft middle man saying depends. technically never recommend right, staffing somebody So, weeks $36. option assignment. ultimately accomplished mostly, effectiveness. imagine. alrighty beings man? interface camera identify weapons, enough further exceedingly arms work, My milestone cameras, vocada. Anyway, has. Nobody knows except Admin building. Seems sort dead busy August. alarming keeps busy. Thanks bringing hadn't video surveillance Ai facial recognition Cars individuals Cotta Head capability, detection, wondering safety grant cameras buildings spending money, fencing. anyway. anxious reports come back. 
interesting software, fill days ago ended some, catch outside door stairwell off. agree especially today's supposed following, follow. investment Thanks. okay alrighty. Landon, today? Not working. programmer today Hartland systems. Sorry systems, Administrators day, partly Hbs. Trained Systems administrator support. started. spent following Prairie Fairfield yesterday. gearing forcing staff. teachers, Prem. change Make though, trust 90 days, believe. ton enabled windows. Hello her biometrics pushed members fingerprint Government, stuff. anticipating. normal. small subset folks continue matter hired. landed on? Google azure? accounts, register secondary anyways. users. Think old Deal. Google. thought people, gone yet. Except with, mucky monks. interesting. Those phone. basically, shut hurry exactly. alright landon John, How's Nothing new. Mr. Foley, sir, new? goes. guess some. Somebody pointed too alarmed contract eliminating port net liability. infected ransomware. extension attention products. But, Granted, company buys ransom liability sued suspect worries expect do. layers. Look understand. All day? Well none against think, week. update Know agenda next. Week. thanks everyone Have safe