Open navigation menu

Welcome to Scribd!

Spotlight Process

Uploaded by

Dương Dương

0% found this document useful (0 votes)

3 views1 page

Copyright

© © All Rights Reserved

Available Formats

DOCX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

© All Rights Reserved

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

3 views1 page

Spotlight Process

Uploaded by

Dương Dương

Copyright:

© All Rights Reserved

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 1

Search inside document

Spotlight Process

1. Configure Connections and Data Sources

a. Set up connections:
i. Active Directory
ii. PAM
iii. SIEM
b. Define the assets and domains to be covered by Spotlight

2. Define Crown Jewels

a. Crown Jewels = any critical system
b. Must have an IP address, host name, or URL

3. Write Policies
a. Create a default rule to collect data
b. Create additional rules later if needed

4. Data Collection and Analysis

a. ITDR queries Active Directory and PAM
b. ITDR deploys self-dissolving binary to endpoints
c. Spotlight IDI server analyzes and prioritizes risk findings

5. Remediation
a. Spotlight performs cleaning based on auto-hygiene rules created
b. Spotlight administrators triage remaining risk findings

You might also like

Business Email Compromise Response Playbook
Document7 pages
Business Email Compromise Response Playbook
Frank Gulmayo
No ratings yet
Oracle Infrastructure Architect Associate All One PDF
Document663 pages
Oracle Infrastructure Architect Associate All One PDF
timirkanta
No ratings yet
SEcurity+ Questions
Document17 pages
SEcurity+ Questions
Enock Anderson
No ratings yet
Exam Ref 70-532 Developing Microsoft Azure Solutions (PDFDrive)
Document633 pages
Exam Ref 70-532 Developing Microsoft Azure Solutions (PDFDrive)
grndarubio
No ratings yet
People and Organisational Document
Document11 pages
People and Organisational Document
Ravi Raman
No ratings yet
Web Application Compromise Response Playbook
Document7 pages
Web Application Compromise Response Playbook
Frank Gulmayo
No ratings yet
Obiee 12c Course Content
Document6 pages
Obiee 12c Course Content
Khaled Mohammed
No ratings yet
Computer Forensics Projects
Document4 pages
Computer Forensics Projects
zaid khattak
No ratings yet
CND Exam (Answer)
Document23 pages
CND Exam (Answer)
Foodbank Jatibening
100% (1)
Privacy Manager Certification: Examination Blueprint For The Certified Information Privacy Manager (CIPM)
Document2 pages
Privacy Manager Certification: Examination Blueprint For The Certified Information Privacy Manager (CIPM)
Matthew
No ratings yet
Computer System Servicing NCII Pointers To Review
Document2 pages
Computer System Servicing NCII Pointers To Review
Eviok Anfone Zosa
No ratings yet
SQL Server Installation Checklist2
Document3 pages
SQL Server Installation Checklist2
praveenmpk
No ratings yet
Sails.js in Action
From Everand
Sails.js in Action
Irl Nathan
No ratings yet
Ibm Datapower Gateway V7.6 Solution Implementation Sample Test
Document4 pages
Ibm Datapower Gateway V7.6 Solution Implementation Sample Test
Anudeep Polamarasetty
No ratings yet
Django Unleashed: Building Web Applications with Python's Framework
From Everand
Django Unleashed: Building Web Applications with Python's Framework
Kameron Hussain
No ratings yet
hapi.js in Action
From Everand
hapi.js in Action
Matt Harrison
No ratings yet
C1000-156 QRadar SIEM V7.5 Administrator Sample Test
Document19 pages
C1000-156 QRadar SIEM V7.5 Administrator Sample Test
heineckenn
No ratings yet
Integration of Cisco - ISE - With - cnPilot-AP's
Document19 pages
Integration of Cisco - ISE - With - cnPilot-AP's
lacerdatom
No ratings yet
Incident Response Playbooks 1687937708
Document21 pages
Incident Response Playbooks 1687937708
mac
No ratings yet
Syllabus Ccna Security Iins
Document11 pages
Syllabus Ccna Security Iins
Hrm Saifullah
No ratings yet
Test-Exam - S1000-001 IBM Cloud Pak For Security 1.x
Document10 pages
Test-Exam - S1000-001 IBM Cloud Pak For Security 1.x
shad
No ratings yet
Cloud Security Assignment
Document10 pages
Cloud Security Assignment
msaif213010
No ratings yet
Hypatia Final
Document8 pages
Hypatia Final
Assem Makhyoun
No ratings yet
Collibra DIC Data Privacy 2022.05
Document185 pages
Collibra DIC Data Privacy 2022.05
Host Mom
No ratings yet
Managing Network Sources
Document4 pages
Managing Network Sources
sss ppp
No ratings yet
Wordpress - HA - Environment - Setup Guide
Document3 pages
Wordpress - HA - Environment - Setup Guide
Wordpress MediaExplorer
No ratings yet
Sample Questions For: Test C1000-026, Ibm Qradar Siem V7.3.2 Fundamental Administration
Document4 pages
Sample Questions For: Test C1000-026, Ibm Qradar Siem V7.3.2 Fundamental Administration
Kirenji Ryusei
No ratings yet
Architecture Diagram: Social Networks Users
Document1 page
Architecture Diagram: Social Networks Users
Reddy Sumanth
No ratings yet
Slide STM Accounting
Document18 pages
Slide STM Accounting
Tika Larasati
No ratings yet
S1103612GC21 Ag CLS-Lab-05
Document10 pages
S1103612GC21 Ag CLS-Lab-05
ahmad
No ratings yet
Athena ChuongTrinhDayMCSA ISA 70 350
Document2 pages
Athena ChuongTrinhDayMCSA ISA 70 350
Kha Trinh
No ratings yet
McAfee SIEM Course Content
Document2 pages
McAfee SIEM Course Content
John Manni
No ratings yet
Prisma Certified Cloud Security Engineer (PCCSE) Blueprint
Document4 pages
Prisma Certified Cloud Security Engineer (PCCSE) Blueprint
John Lin
No ratings yet
Aws Crist PDF
Document3 pages
Aws Crist PDF
Pranav Kashyap
No ratings yet
Samc1000 066
Document4 pages
Samc1000 066
Mahendran Balu
No ratings yet
CH4 Review
Document5 pages
CH4 Review
Nick Benz
100% (1)
Sow It Infra
Document3 pages
Sow It Infra
dev Kumar
No ratings yet
IP Assignment Using An External Server On ACS 5
Document9 pages
IP Assignment Using An External Server On ACS 5
tberner666
No ratings yet
PCI Compliance
Document18 pages
PCI Compliance
Husseni Muzkkir
No ratings yet
300 735 SAUTO v1.1
Document2 pages
300 735 SAUTO v1.1
elmenor
No ratings yet
Full Ebook of Google Cloud Certified Associate Cloud Engineer All in One Exam Guide 1St Edition Hyman Online PDF All Chapter
Document69 pages
Full Ebook of Google Cloud Certified Associate Cloud Engineer All in One Exam Guide 1St Edition Hyman Online PDF All Chapter
colettespell207923
100% (2)
Sample Exam 250-315: Administration of Symantec Endpoint Protection 12.1
Document5 pages
Sample Exam 250-315: Administration of Symantec Endpoint Protection 12.1
simardeepsingh3
No ratings yet
Lab 6 Rules PDF
Document8 pages
Lab 6 Rules PDF
Pradeep Kumar
No ratings yet
210 255 Secops v2
Document5 pages
210 255 Secops v2
vjjmiras
No ratings yet
DWDM Final Lab Syllabus
Document2 pages
DWDM Final Lab Syllabus
saisimba99
No ratings yet
F5 201 Notes
Document13 pages
F5 201 Notes
Puneet Gupta
No ratings yet
EX NO 6 Riyaz New'11
Document5 pages
EX NO 6 Riyaz New'11
sam881343
No ratings yet
Semester VI Subject Name: Ethical Hacking Name: Mohammed Raza Haqiqullah Khan Class: T.Y. B.Sc. Computer Science
Document35 pages
Semester VI Subject Name: Ethical Hacking Name: Mohammed Raza Haqiqullah Khan Class: T.Y. B.Sc. Computer Science
Raza khan
No ratings yet
AZ First 6 Mod 5
Document24 pages
AZ First 6 Mod 5
jharajnish30
No ratings yet
Checkpoint Test-Inside 156-215 80 v2020-09-23 by Mila 320q - QOnly
Document65 pages
Checkpoint Test-Inside 156-215 80 v2020-09-23 by Mila 320q - QOnly
Mirza Cerim
No ratings yet
ISO 27701 Whitepaper
Document30 pages
ISO 27701 Whitepaper
John
No ratings yet
Question 1
Document4 pages
Question 1
YoSalinas
No ratings yet
AZ First 6 Mod 3
Document22 pages
AZ First 6 Mod 3
jharajnish30
No ratings yet
Module 8: Administering and Troubleshooting Compliance and Security in Office 365 Lab: Configuring and Troubleshooting Compliance and Security
Document11 pages
Module 8: Administering and Troubleshooting Compliance and Security in Office 365 Lab: Configuring and Troubleshooting Compliance and Security
Ben Aissa Taher
No ratings yet
Module 8: Administering and Troubleshooting Compliance and Security in Office 365 Lab: Configuring and Troubleshooting Compliance and Security
Document11 pages
Module 8: Administering and Troubleshooting Compliance and Security in Office 365 Lab: Configuring and Troubleshooting Compliance and Security
Ben Aissa Taher
No ratings yet
Cipm Ebp 2.0.1 2022
Document2 pages
Cipm Ebp 2.0.1 2022
blackdogpk
No ratings yet
CCNA Security Syllabus
Document5 pages
CCNA Security Syllabus
zoya
No ratings yet
Ebffiledoc - 707download PDF Infrastructure As Code 2Nd Edition Early Access Kief Morris Ebook Full Chapter
Document53 pages
Ebffiledoc - 707download PDF Infrastructure As Code 2Nd Edition Early Access Kief Morris Ebook Full Chapter
dan.marrero822
100% (1)
QRadar SIEM V7.5 Deployment Exam C1000-153 Sample Questions
Document9 pages
QRadar SIEM V7.5 Deployment Exam C1000-153 Sample Questions
Paulo
No ratings yet
CS552 Object-Oriented Design Project Mahender Kasarla, Pramod Reddy Dharma Rivier University
Document37 pages
CS552 Object-Oriented Design Project Mahender Kasarla, Pramod Reddy Dharma Rivier University
Sanjog Pathak
No ratings yet
Tomcat Penetration Testing 1714147419
Document22 pages
Tomcat Penetration Testing 1714147419
Dương Dương
No ratings yet
How To Demo CASB-9-2-21-Partner Use
Document8 pages
How To Demo CASB-9-2-21-Partner Use
Dương Dương
No ratings yet
Tenableio and CyberArk Enterprise Password Vault Integration Guide
Document71 pages
Tenableio and CyberArk Enterprise Password Vault Integration Guide
Dương Dương
No ratings yet
Requir Ment
Document1 page
Requir Ment
Dương Dương
No ratings yet
L1
Document2 pages
L1
Dương Dương
No ratings yet
Samsung Group Purchases From Imarketkorea: Online File W5.5
Document1 page
Samsung Group Purchases From Imarketkorea: Online File W5.5
Dương Dương
No ratings yet