CVE-2015-2857 is a remote command execution vulnerability in Accellion’s Secure File Transfer Appliance (FTA). Niara was the first to detect this vulnerability being exploited in the wild, resulting in cyber criminals having near complete access to everything on the target appliance. The..
First-generation User Behavioral Analytics (UBA) (which I touched on in a previous blog) took a new look at the problem with identifying specific users associated with a threat (an early pioneer was “ArcSight IdentityView”). It introduced the idea of using those identities and log data to build..
Gartner’s latest Market Guide on User Behavioral Analytics was published recently and SURPRISE! It’s not about user behavior analytics (UBA) anymore, but user and entity behavior analytics (UEBA). Avivah Litan outlines the reason for the change:
The security industry is in self-congratulatory mode over new capabilities such as User Behavior Analytics (UBA) and machine learning. Imagine that, software that can tell you that it is unusual for someone to access the general ledger at 2 a.m. for the first time.
Niara's security analytics platform helps organizations detect attacks that have managed to bypass the perimeter and other traditional security infrastructure. Here’s a real-world example of how to detect “XcodeGhost”, a recent piece of malware you may have seen in the news.
I thought the Rise of the Machines article was a great read. It provided some important background about artificial intelligence and machine learning, its use by companies to solve complex problems and some emerging concerns. Having recently seen Ex Machina (a thought-provoking movie!), I feel..
There’s been some great excitement in the cyber security industry around machine learning, especially with anomaly detection and behavioral analytics. Despite the buzz, I have noticed more than a healthy dose of skepticism amongst security experts.
Given that multi-stage attacks are becoming commonplace, and that there are significant challenges in detecting these advanced threats, can security analytics effectively help with attack detection on the inside of the network? Yes, it can, but only if you keep a few things in mind.