Behavior Analytics Will Leapfrog Security

Uploaded on 2017-03-07 in NEWS-Cybersecurity News, FREE TO VIEW

So-called “credentials-based attacks” on corporate and government networks using, for example, stolen passwords or other authentication mechanisms, are among the fastest growing cyber threats. However, skeptics are questioning the ability of traditional security information and event management (SIEM) systems to detect the use of stolen passwords or insider attacks.

Exabeam, the California behavioral analytics specialist said it is attempting to plug the SIEM gap with a new security intelligence platform designed to sweep up more data that can be used by analysts to identify security threats. Once threats are spotted, the platform is targeted at assisting human analysts handling incident response.

The company also is targeting the growing SIEM market that is expected to reach an estimated $3 billion by 2020. Market watcher ABI Research have predicted that log-based SIEM approaches would be separated and eventually integrated with user and entity behavior analytics platforms such as Exabeam’s.

Meanwhile, emerging deep learning algorithms also are expected to make inroads in the cyber-security market, ABI Research said. Overall, it forecast that cyber-security tools based on machine learning could push big data and analytics spending to an estimated $96 billion by 2021.

Along with analytics and a log manager, the Exabeam security platform includes an “incident responder” and a “threat hunter” capability. The former handles “chronic” security shortfalls ranging from stolen passwords and data theft to malware and phishing attacks. The threat detector is designed to allow security analysts to scan for network attacks and then search user profiles that might be related to specific attacks.

Those tools are part of a broader effort by cyber-security vendors to offer real-time threat detection, a capability that would help reduce the scope of increasingly inevitable attacks and data breaches.

Exabeam said its new platform also allows for the integration of cloud-based log management and incident response data. Once connected to cloud services, data is linked to on-premise user behavior.

The company added that its log manager and incident response tools have been undergoing beta testing among several unnamed commercial companies and public organizations. The platform also will be demonstrated during next month’s RSA security conference in San Francisco.

As the threat of data breaches grows, threat detection and response has fallen short, asserted Nir Polak, CEO and co-founder of Exabeam. “A completely new approach to data protection is required, one that relies on modern analytics and automation, married to human expertise.”

Exabeam’s log manager collects and indexes security data for analysts to search. The company notes that pricing is not based on data volume, enabling better compliance reporting along with security scanning. The analytics suite is touted as being able to detect credential-based threats even when attackers switch devices or identities. The five components of the security intelligence platform can be deployed separately or in combination.

Datanami

CIOs Defend Against Cybersecurity Threats Using Behavioral Analytics:

Behavior Analytics Tools For Cyber-Security:

 

« Twitter Gains 2m Users But Loses $457m
Healthcare Staff Trigger Google Cyber Defense »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Synovum

Synovum

Synovum was formed with the intention to provide high quality advice, consultancy, training and project management services to clients in all sectors of industry.

Defense Advanced Research Projects Agency (DARPA)

Defense Advanced Research Projects Agency (DARPA)

DARPA's mission is to develop breakthrough technologies for national security. The Information Innovation Office undertakes cyber security activities.

Cyber Future Foundation (CFF)

Cyber Future Foundation (CFF)

CFF was established to create a cyberspace where digital commerce and innovation can thrive based on trust and respect to individual privacy.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

Sungard Availability Services (Sungard AS)

Sungard Availability Services (Sungard AS)

Sungard AS partners with customers around the globe to understand their unique business needs and provide production and recovery services tailored to their requirements.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID) is the first platform in Indonesia to collect and validate reports from hackers (referred to as Bug Hunter) regarding vulnerabilities that exist in an organization.

TOAE Security

TOAE Security

TOAE Security is a trusted cyber security consulting partner helping today's leading organizations protect their most important assets from evolving cyber threats.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

Oort

Oort

Oort is an identity threat detection and response platform for enterprise security. The Oort platform is API-driven, cloud-native and agentless for rapid time to value and high scalability.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.