Behavior Analytics Will Leapfrog Security

So-called “credentials-based attacks” on corporate and government networks using, for example, stolen passwords or other authentication mechanisms, are among the fastest growing cyber threats. However, skeptics are questioning the ability of traditional security information and event management (SIEM) systems to detect the use of stolen passwords or insider attacks.

Exabeam, the California behavioral analytics specialist, said it is attempting to plug the SIEM gap with a new security intelligence platform designed to sweep up more data that analysts can use to identify security threats. Once threats are spotted, the platform is intended to assist human analysts handling incident response.

The company is also targeting the growing SIEM market, which is expected to reach an estimated $3 billion by 2020. Market watcher ABI Research has predicted that log-based SIEM approaches would be separated and eventually integrated with user and entity behavior analytics platforms such as Exabeam’s.

Meanwhile, emerging deep learning algorithms also are expected to make inroads in the cyber-security market, ABI Research said. Overall, it forecast that cyber-security tools based on machine learning could push big data and analytics spending to an estimated $96 billion by 2021.

Along with analytics and a log manager, the Exabeam security platform includes an “incident responder” and a “threat hunter” capability. The former handles “chronic” security shortfalls ranging from stolen passwords and data theft to malware and phishing attacks. The latter is designed to allow security analysts to scan for network attacks and then search user profiles that might be related to specific attacks.

Those tools are part of a broader effort by cyber-security vendors to offer real-time threat detection, a capability that would help reduce the scope of increasingly inevitable attacks and data breaches.

Exabeam said its new platform also allows for the integration of cloud-based log management and incident response data. Once the platform is connected to cloud services, data is linked to on-premises user behavior.

The company added that its log manager and incident response tools have been undergoing beta testing among several unnamed commercial companies and public organizations. The platform also will be demonstrated during next month’s RSA security conference in San Francisco.

As the threat of data breaches grows, threat detection and response has fallen short, asserted Nir Polak, CEO and co-founder of Exabeam. “A completely new approach to data protection is required, one that relies on modern analytics and automation, married to human expertise.”

Exabeam’s log manager collects and indexes security data for analysts to search. The company notes that pricing is not based on data volume, enabling better compliance reporting along with security scanning. The analytics suite is touted as being able to detect credential-based threats even when attackers switch devices or identities. The five components of the security intelligence platform can be deployed separately or in combination.

Datanami
