Threat Intelligence
6/19/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SailPoint Lays Out Its Vision for the Next Frontier in Identity with IdentityAI

New identity analytics solution leverages machine learning and user behavior analytics to bring visibility to customers.

AUSTIN, Texas--During the company’s keynote session at Navigate ’17, SailPoint, the leader in enterprise identity management, shared the company’s plans to add artificial intelligence to its open identity platform, making identity-aware infrastructures smarter, more intelligent, and more responsive. To make this vision a reality, SailPoint previewed its new identity analytics solution, SailPoint IdentityAITM, which will provide customers with the visibility they need to understand the risk associated with user access, detect anomalous behavior which may be indicative of a breach, and to focus their governance controls to more efficiently and effectively manage identities.

According to SailPoint President and Co-founder Kevin Cunningham, "In cybersecurity, visibility is everything. Unfortunately, we are all too often blind to hackers’ actions until it’s far too late. Business managers lack a deep understanding and risk context needed to make critical access decisions, while security and operations teams struggle with a high number of ‘false positives.’ As a result, many breaches go undetected for extended periods of time, resulting in greater loss of data and financial exposure, subsequent customer churn and brand reputation damage,” said Cunningham. “What’s needed today is a tool that sorts through the incredible amount of identity data that security operations teams must ‘see through’ to detect a potential ongoing breach."

"We can no longer accept this lack of visibility – the cost of undetected breaches and falling out of compliance is just too high," continued Cunningham. "As both the regulatory and threat landscape evolve, so should the role of identity management. With IdentityAI, we’re delivering a solution that will allow customers to swiftly sift through the millions of bits of activity and access privileges to see what is truly happening on their network, long before any of their sensitive data winds up on the dark web. We believe identity analytics is the logical – and highly critical – next step in identity management’s evolution."

"We believe that having visibility into user access is important, but perhaps even more important is the ability to turn that visibility into insights about high-risk users, access, and/or behaviors," said Andrew Linn, SVP and Chief Information Officer for Orrstown Bank. "Such insights allow us to focus our controls on the riskiest and most likely scenarios to be abused by external attackers or rogue insiders. The challenge is that manually sifting through mountains of identity data to uncover these insights is impractical if not impossible. We believe that machine learning technology gives us the analytical power and speed to effectively sort through all of the ‘identity noise’ to find the insights that really add value. As such, we see significant value in adding IdentityAI to our identity governance program."

SailPoint: Making Identity Smarter

By adding identity analytics to SailPoint’s open identity platform, SailPoint will enable customers to manage their identities smarter, boosting the impact of their existing identity governance program and better mitigating potential threats. SailPoint IdentityAI, available later this year, will extend the value of SailPoint’s open identity platform by allowing organizations to:

·        Manage Risk: IdentityAI detects and alerts on anomalous behaviors and potential threats using artificial intelligence technology to perform peer group analysis, behavioral pattern matching, and statistical analysis. The machine learning analytics engine scans massive amounts of identity data to identify risks without having to rely on a team of security experts.

·        Govern Smarter: IdentityAI makes identity smarter by contextualizing and focusing identity governance controls on high-risk scenarios and conditions, such as anomalous or inappropriate access events, by initiating automated governance actions in real-time.

·        Increase Efficiency: IdentityAI improves the operational efficiency of the IT organization and business productivity by automating identity governance activities for routine and low-risk access.

"With the right intelligence, organizations can identify and mitigate risks as well as improve operational efficiency without requiring more from their already over-stretched IT staff. IdentityAI gives organizations a tool that tracks behavioral patterns over time and utilizes machine learning to highlight anomalies, quickly detecting an identity incident out of the norm and focusing controls on it," said Kevin Cunningham. "By adding IdentityAI as an extension of our open identity platform, we’re giving customers the visibility they need to make their identity governance programs smarter and more powerful than ever before."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.