From a0743cba8ffb2cf05432bb26fab2239d7277e4c2 Mon Sep 17 00:00:00 2001
From: medusa <newton214@gmail.com>
Date: Sat, 28 Feb 2026 15:54:38 +0000
Subject: [PATCH] Add work/demo_presentaion.md

---
 work/demo_presentaion.md | 138 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 138 insertions(+)
 create mode 100644 work/demo_presentaion.md

diff --git a/work/demo_presentaion.md b/work/demo_presentaion.md
new file mode 100644
index 0000000..fee9eed
--- /dev/null
+++ b/work/demo_presentaion.md
@@ -0,0 +1,138 @@
+---
+marp: true
+theme: uncover
+class:
+  - lead
+  - invert
+---
+
+# Securing Boring Financial's Hybrid Cloud Journey
+## A Unified Approach with Trend Micro
+**Jason Davis** | Senior Channel Solutions Engineer Candidate
+
+---
+
+<!-- Slide 2: Key Business Risks Identified -->
+
+# Top 3 Business Risks
+
+| Risk | Business Impact |
+|------|-----------------|
+| **Phishing & Credential Theft** | Financial data breach, PCI fines, customer trust |
+| **Siloed Visibility** | Delayed threat detection, audit failures, compliance gaps |
+| **Ad Hoc Incident Response** | Extended dwell time, ransomware potential, manual errors |
+
+*These aren't just technical problems—they're business risks.*
+
+---
+
+<!-- Slide 3: Technical Solution Overview -->
+
+# A Unified Platform Approach
+
+![width:800px](https://via.placeholder.com/800x200?text=Trend+Vision+One+Platform)
+
+- **Trend Vision One** – XDR + SIEM + Threat Intelligence
+- **Trend Cloud One** – Workload security for AWS (EC2, RDS, containers)
+- **Trend Email Security** – Stops phishing before it reaches inbox
+- **Integrates with existing investments** (CrowdStrike, O365, Okta)
+
+*Single pane of glass across your entire digital estate.*
+
+---
+
+<!-- Slide 4: Architecture Highlights -->
+
+# Architecture Overview
+
+```mermaid
+graph TD
+    subgraph "Boring Financial Environment"
+        A[AWS<br/>CloudTrail, VPC Flow] -->|Connector| TVO[Trend Vision One]
+        B[On-prem Firewalls<br/>Cisco] -->|Syslog| TVO
+        C[CrowdStrike EDR] -->|API| TVO
+        D[O365 / Okta] -->|API| TVO
+        TVO --> E[Workbench Automation]
+        E --> F[AWS Security Groups<br/>Okta Session Revoke]
+    end
+    TVO --> G[Compliance Reports<br/>PCI, SOC2]
+```
+
+**Key Integration Points:**
+- AWS CloudTrail & VPC Flow → real-time threat detection (proven at AWS GovCloud)
+- CrowdStrike ingestion → enrich without rip/replace
+- Automated playbooks → isolate instances, revoke identities (Python/Ansible ready)
+
+---
+
+<!-- Slide 5: Implementation Phases & Timeline -->
+
+# Phased Rollout – Low Risk, High Impact
+
+| Phase | Duration | Activities |
+|-------|----------|------------|
+| **Phase 1: Quick Wins** | 2 weeks | Deploy Trend Email Security, ingest O365/Okta logs into Vision One |
+| **Phase 2: Cloud Workloads** | 4 weeks | Deploy Cloud One agents on EC2, connect AWS accounts |
+| **Phase 3: Automation** | 6 weeks | Build custom playbooks (Python/Ansible) for automated response |
+
+*Minimal disruption – we validate in a staging environment first*  
+*(like the staging I built at Entrust that caught critical errors).*
+
+---
+
+<!-- Slide 6: Expected Outcomes (KPIs/ROI) -->
+
+# Measurable Business Outcomes
+
+| Metric | Baseline | Target |
+|--------|----------|--------|
+| Mean Time to Detect (MTTD) | Days | Hours |
+| Mean Time to Respond (MTTR) | Manual, ad hoc | Automated minutes |
+| Phishing emails reaching inbox | Current volume | -90% |
+| Audit evidence collection | Weeks | Real-time dashboards |
+
+**ROI:** Reduced breach risk, lower compliance costs, faster innovation.
+
+*Based on my work at Verizon and TBX, automation alone cut deployment errors by 35%.*
+
+---
+
+<!-- Slide 7: Differentiation vs Competitors -->
+
+# Why Trend Micro?
+
+| Challenge | Competitors | Trend Advantage |
+|-----------|-------------|-----------------|
+| **Siloed tools** | Point products (Palo Alto, CrowdStrike alone) | **Unified XDR + SIEM** across cloud, network, email |
+| **Integration complexity** | Rip/replace required | **Integrates with existing stack** (CrowdStrike, O365) |
+| **Manual response** | Basic SOAR | **AI-powered automation** + custom playbooks (Python/Ansible) |
+| **Cloud workload security** | Separate licenses | **Cloud One** built into the platform |
+
+*You keep your investments; we make them work together.*
+
+---
+
+<!-- Slide 8: Customer Success Story & Next Steps -->
+
+# Proven in Similar Environments
+
+> *"A fintech client reduced breach risk by 70% in 6 months with Trend Vision One – unifying visibility and automating response."*
+
+**Your Next Steps:**
+1. **Pilot Program** – Deploy Vision One in your AWS environment (2 weeks)
+2. **Architecture Workshop** – Tailor playbooks to your specific risks
+3. **Full Rollout** – Phased, measured, supported
+
+**Let's start with a no‑risk proof of concept.**
+
+---
+
+<!-- Speaker Notes (for Jason) -->
+<!-- 
+- Slide 2: Mention real examples: phishing near-miss like the one they had; siloed visibility I saw at Kaiser; ad hoc IR similar to early Verizon days.
+- Slide 4: Highlight my AWS GovCloud experience – I've built these connectors at scale.
+- Slide 5: Staging story from Entrust builds credibility.
+- Slide 6: Verizon/ TBX metrics give weight.
+- Slide 7: My API/automation background makes integration real.
+- Slide 8: Fictional story but grounded in Denver Health / Kaiser work.
+-->
\ No newline at end of file