Behavior Analytics Will Leapfrog Security

So-called “credentials-based attacks” on corporate and government networks using, for example, stolen passwords or other authentication mechanisms, are among the fastest growing cyber threats. However, skeptics are questioning the ability of traditional security information and event management (SIEM) systems to detect the use of stolen passwords or insider attacks.

Exabeam, the California behavioral analytics specialist said it is attempting to plug the SIEM gap with a new security intelligence platform designed to sweep up more data that can be used by analysts to identify security threats. Once threats are spotted, the platform is targeted at assisting human analysts handling incident response.

The company also is targeting the growing SIEM market that is expected to reach an estimated $3 billion by 2020. Market watcher ABI Research have predicted that log-based SIEM approaches would be separated and eventually integrated with user and entity behavior analytics platforms such as Exabeam’s.

Meanwhile, emerging deep learning algorithms also are expected to make inroads in the cyber-security market, ABI Research said. Overall, it forecast that cyber-security tools based on machine learning could push big data and analytics spending to an estimated $96 billion by 2021.

Along with analytics and a log manager, the Exabeam security platform includes an “incident responder” and a “threat hunter” capability. The former handles “chronic” security shortfalls ranging from stolen passwords and data theft to malware and phishing attacks. The threat detector is designed to allow security analysts to scan for network attacks and then search user profiles that might be related to specific attacks.

Those tools are part of a broader effort by cyber-security vendors to offer real-time threat detection, a capability that would help reduce the scope of increasingly inevitable attacks and data breaches.

Exabeam said its new platform also allows for the integration of cloud-based log management and incident response data. Once connected to cloud services, data is linked to on-premise user behavior.

The company added that its log manager and incident response tools have been undergoing beta testing among several unnamed commercial companies and public organizations. The platform also will be demonstrated during next month’s RSA security conference in San Francisco.

As the threat of data breaches grows, threat detection and response has fallen short, asserted Nir Polak, CEO and co-founder of Exabeam. “A completely new approach to data protection is required, one that relies on modern analytics and automation, married to human expertise.”

Exabeam’s log manager collects and indexes security data for analysts to search. The company notes that pricing is not based on data volume, enabling better compliance reporting along with security scanning. The analytics suite is touted as being able to detect credential-based threats even when attackers switch devices or identities. The five components of the security intelligence platform can be deployed separately or in combination.

Datanami

CIOs Defend Against Cybersecurity Threats Using Behavioral Analytics:

Behavior Analytics Tools For Cyber-Security:

 

« Twitter Gains 2m Users But Loses $457m
Healthcare Staff Trigger Google Cyber Defense »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Infiltrate

Infiltrate

INFILTRATE is a deep technical conference that focuses entirely on offensive security issues.

ABB

ABB

ABB is a pioneering technology leader in industrial digitalization. Services include cyber security for industrial control systems IoT.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

Anect

Anect

Anect is a leading provider of ICT security and services for hybrid and cloud solutions.

CYSEC Academy

CYSEC Academy

CYSEC Academy offer cyber certifications, cyber assurance and cyber defense training, hands-on learning training modules, public, private and bespoke training courses.

CertiK

CertiK

CertiK uses rigorous Formal Verification technology to provide hacker-resistant smart contract and blockchain audits, thorough penetration testing, and customized security integrations.

Heidrick & Struggles International

Heidrick & Struggles International

Heidrick & Struggles is a premier provider of leadership consulting and senior-level executive search services for roles including Information & Technology Officers and Cybersecurity.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

HighPoint

HighPoint

HighPoint is a leading technology infrastructure solutions provider offering consultancy, solutions and managed services for network infrastructure and cybersecurity.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

National Institute for Research & Development in Informatics (ICI Bucharest)

National Institute for Research & Development in Informatics (ICI Bucharest)

ICI Bucharest is the most important institute in the field of research, development and innovation in information and communication technology (ICT) in Romania.

Sec-Ops

Sec-Ops

Sec-Ops is a forward thinking cyber security company, formed by a group of security enthusiasts with years of experience and backgrounds in the technology and the government industries.

Evolve Business Group

Evolve Business Group

Evolve is an independently-owned managed network solutions provider, creating bespoke packages for customers globally since 2005.

CoinCover

CoinCover

Blockchain technology is changing everything. However, it brings its own set of unique risks. Coincover ensures everyone is protected, enabling them to innovate freely, without constraints.