Today, Niara announced that the latest release of its security analytics platform provides modular and data-agnostic behavioral analytics. A simple statement, but one that has important consequences for the application of user behavior analytics (UBA) to cybersecurity.
As you probably know, advanced attacks are notoriously difficult to detect. There are no patterns that can be used to definitively say that something is an attack. That’s why signature- and rule-based security systems alone are failing to protect organizations in the ever-evolving attack landscape. These systems generate warnings due to suspicious activities, which may or may not indicate an actual attack. This adds to the daily deluge of alerts and other security information inundating security analysts. UBA promises to help analysts make sense of the massive amount of data they confront every day, and not add to the alert white noise problem by surfacing anomalies that can turn out to be false positives. Niara’s security analytics platform fulfills that promise, identifying anomalies and more reliably linking maliciousness to them, to focus analysts on the attacks that matter. Not all solutions can claim that.
The breadth of Niara’s multi-dimensional analytics, including privilege escalation, lateral movement, abnormal access to high-value resources, command and control and exfiltration activities, is what enables Niara to provide such rich information about attacks on the inside. Now, with our latest announcement, Niara has now raised the bar by allowing organizations to use the power of these multi-dimensional analytics to analyze any data source as well as to adapt the behavioral analytics modules.
- Any data source (e.g., badge logs, cloud logs, application logs, endpoint logs, etc.) including company-specific ones (e.g., custom application logs that a company may develop in house, new cloud applications that the company may adopt, etc.) can be used as input for Niara’s existing behavioral analytics modules.
- Behavioral analytics modules can be customized to a company’s unique environment. Security analysts do this by selecting new features not currently being used by Niara’s analytics, training the underlying machine learning models.
With this advance, organizations aren’t constrained to deriving security insights from only vendor-supported data sources and vendor-defined features. For example, Niara can now provide companies with even better visibility into the danger posed by a rogue user by unifying security insights from the physical and digital words via behavioral analytics applied to badge logs and Active Directory (AD) logs. This flexibility results in much richer Entity360™ risk profiles, allowing attacks to be detected with greater precision and dramatically reducing the time and skill needed to investigate and respond to security events.
Niara’s machine learning models are already delivering results at a number of Fortune 500 companies. Our case studies provide great details about how we are helping customers. Now, by providing behavioral analytics that are modular and data-agnostic, Niara makes it significantly easier for companies to more broadly benefit from these proven machine-learning models – and continue to have confidence in the results produced by the platform.
If you are interested in seeing Niara in action, request a demo. We’ll also be at RSA Conference 2016 where we can show you a live demo of how Niara can find attacks on the inside of your organizations and tell you more about the latest developments in our security analytics technology. Schedule a meeting online if you’d like to privately meet with one of Niara’s executives, or just stop by booth number 3135 in Moscone Center North Hall.