mercredi 8 octobre 2014

Big data helps with detection of cyber attacks

cyber attack


The main problem that organizations face when combating cyber attacks is that they don't know what to look for and find it difficult to interpret all the data they get from their networks.


Big data analytics company Exabeam has a new product that can cut through the forest of data to make it easier to detect attacks and insider threats in real time using existing security information and event management (SIEM) details.


What Exabeam does is to add a layer of user behavior intelligence on top of existing SIEM and log management data to give IT security teams a complete view of the attack chain. This helps to spotlight valid attack indicators which currently risk getting lost in a sea of security noise.


According to research from Verizon 76 percent of network intrusions in 2013 used authorized credentials to impersonate legitimate users. This is something existing SIEM technologies struggle to detect, Exabeam provides access to real-time data which makes it easier to spot suspicious behavior.


Session Page_for media


"For too long, security teams couldn’t get ahead of hackers because they didn't know what to look for, had too many security alerts to process and didn’t get the complete picture of what was happening in their network," says Nir Polak, Exabeam's CEO and co-founder. "Exabeam fundamentally changes the way that cyberattacks are managed by addressing these challenges in an automated way and giving security teams the intelligence they need in real time. The future of cyberattack management starts with Exabeam, and the future is now".


Capabilities of the Exabeam platform include extraction and enrichment of existing log feeds, such as Windows, Unix, VPN and security events. It also allows tracking of all user activities regardless of the IP, devices and accounts used.


It uses machine learning to carry out behavioral analysis to automatically and continuously learn user and peer group behavior. By applying risk scoring it can assess the importance of a threat taking into account user access, assets exposed and threat intelligence.


You can find out more and request a demo of the product on the Exabeam website.


Photo credit: Tashatuvango/Shutterstock






Aucun commentaire:

Enregistrer un commentaire