Behavior Analytics Will Leapfrog Security

So-called “credentials-based attacks” on corporate and government networks, which use, for example, stolen passwords or other authentication mechanisms, are among the fastest-growing cyber threats. However, skeptics are questioning the ability of traditional security information and event management (SIEM) systems to detect the use of stolen passwords or insider attacks.

Exabeam, the California behavioral analytics specialist, said it is attempting to plug the SIEM gap with a new security intelligence platform designed to sweep up more data that analysts can use to identify security threats. Once threats are spotted, the platform is intended to assist human analysts handling incident response.

The company also is targeting the growing SIEM market, which is expected to reach an estimated $3 billion by 2020. Market watcher ABI Research has predicted that log-based SIEM approaches would be separated and eventually integrated with user and entity behavior analytics platforms such as Exabeam’s.

Meanwhile, emerging deep learning algorithms also are expected to make inroads in the cyber-security market, ABI Research said. Overall, it forecast that cyber-security tools based on machine learning could push big data and analytics spending to an estimated $96 billion by 2021.

Along with analytics and a log manager, the Exabeam security platform includes an “incident responder” and a “threat hunter” capability. The former handles “chronic” security shortfalls ranging from stolen passwords and data theft to malware and phishing attacks. The latter is designed to allow security analysts to scan for network attacks and then search user profiles that might be related to specific attacks.

Those tools are part of a broader effort by cyber-security vendors to offer real-time threat detection, a capability that would help reduce the scope of increasingly inevitable attacks and data breaches.

Exabeam said its new platform also allows for the integration of cloud-based log management and incident response data. Once connected to cloud services, data is linked to on-premises user behavior.

The company added that its log manager and incident response tools have been undergoing beta testing among several unnamed commercial companies and public organizations. The platform also will be demonstrated during next month’s RSA security conference in San Francisco.

As the threat of data breaches grows, threat detection and response have fallen short, asserted Nir Polak, CEO and co-founder of Exabeam. “A completely new approach to data protection is required, one that relies on modern analytics and automation, married to human expertise.”

Exabeam’s log manager collects and indexes security data for analysts to search. The company notes that pricing is not based on data volume, enabling better compliance reporting along with security scanning. The analytics suite is touted as being able to detect credential-based threats even when attackers switch devices or identities. The five components of the security intelligence platform can be deployed separately or in combination.

Datanami
