Behavior Analytics Will Leapfrog Security

Uploaded on 2017-03-07 in NEWS-Cybersecurity News, FREE TO VIEW

So-called “credentials-based attacks” on corporate and government networks using, for example, stolen passwords or other authentication mechanisms, are among the fastest growing cyber threats. However, skeptics are questioning the ability of traditional security information and event management (SIEM) systems to detect the use of stolen passwords or insider attacks.

Exabeam, the California behavioral analytics specialist said it is attempting to plug the SIEM gap with a new security intelligence platform designed to sweep up more data that can be used by analysts to identify security threats. Once threats are spotted, the platform is targeted at assisting human analysts handling incident response.

The company also is targeting the growing SIEM market that is expected to reach an estimated $3 billion by 2020. Market watcher ABI Research have predicted that log-based SIEM approaches would be separated and eventually integrated with user and entity behavior analytics platforms such as Exabeam’s.

Meanwhile, emerging deep learning algorithms also are expected to make inroads in the cyber-security market, ABI Research said. Overall, it forecast that cyber-security tools based on machine learning could push big data and analytics spending to an estimated $96 billion by 2021.

Along with analytics and a log manager, the Exabeam security platform includes an “incident responder” and a “threat hunter” capability. The former handles “chronic” security shortfalls ranging from stolen passwords and data theft to malware and phishing attacks. The threat detector is designed to allow security analysts to scan for network attacks and then search user profiles that might be related to specific attacks.

Those tools are part of a broader effort by cyber-security vendors to offer real-time threat detection, a capability that would help reduce the scope of increasingly inevitable attacks and data breaches.

Exabeam said its new platform also allows for the integration of cloud-based log management and incident response data. Once connected to cloud services, data is linked to on-premise user behavior.

The company added that its log manager and incident response tools have been undergoing beta testing among several unnamed commercial companies and public organizations. The platform also will be demonstrated during next month’s RSA security conference in San Francisco.

As the threat of data breaches grows, threat detection and response has fallen short, asserted Nir Polak, CEO and co-founder of Exabeam. “A completely new approach to data protection is required, one that relies on modern analytics and automation, married to human expertise.”

Exabeam’s log manager collects and indexes security data for analysts to search. The company notes that pricing is not based on data volume, enabling better compliance reporting along with security scanning. The analytics suite is touted as being able to detect credential-based threats even when attackers switch devices or identities. The five components of the security intelligence platform can be deployed separately or in combination.

Datanami

CIOs Defend Against Cybersecurity Threats Using Behavioral Analytics:

Behavior Analytics Tools For Cyber-Security:

 

« Twitter Gains 2m Users But Loses $457m
Healthcare Staff Trigger Google Cyber Defense »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

Maryman & Associates

Maryman & Associates

Maryman & Associates are specialists in computer forensic investigations, incident response and e-discovery services.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

HackCon Norway

HackCon Norway

HackCon is for the people who are interested in technology, psychology, IT and security, and who wants to improve their knowledge within these areas.

Odyssey

Odyssey

Odyssey is an ISO 27001 certified, Cyber -Security, Infrastructure and Risk Management Solutions integrator and a Managed Security Services Provider.

CyberArts

CyberArts

CyberArts is founded on the belief that every single organization deserves and requires the creme de la creme when there is a need for Cyber services.

Iron Bow Technologies

Iron Bow Technologies

Iron Bow Technologies is a leading IT solution provider dedicated to successfully transforming technology investments into business capabilities for government, commercial and healthcare clients.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

ControlMap

ControlMap

ControlMap is a software as a service platform with a mission to simplify and eliminate stress from everyday operations of modern IT compliance teams.

National Academy of Cyber Security (NACS) - India

National Academy of Cyber Security (NACS) - India

National Academy of Cyber Security provides Professional Training Courses and Programmes in Cyber Security.

Moonsense

Moonsense

Moonsense is on a mission to level the playing field in the fight against online fraud.

nandin Innovation Centre

nandin Innovation Centre

nandin is ANSTO’s Innovation Centre (Australian Nuclear Science and Technology Organisation) where science and technology entrepreneurs, startups and graduates come together.

Everfox

Everfox

Everfox (formerly Forcepoint Federal) has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years.

Token Security

Token Security

Token is the new approach designed for the identity boom era. Introducing Machine-First Identity Security.

Synergy ECP

Synergy ECP

Synergy ECP has a talented, dedicated staff to provide a broad range of services to the defense and intelligence industries.

Clear Ridge Defense

Clear Ridge Defense

Clear Ridge was founded in April 2015 with the mission and vision to support Joint, Service Cyber Components, and commercial clients in specialized cyber support.