Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

8/7/2018
09:17 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Digital Guardian Releases New User and Entity Behavior Analytics Capability

Delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data.

Las Vegas, Nevada – August 7, 2018 Digital Guardian today announced that it has released new User and Entity Behavior Analytics (UEBA) capabilities for its cloud-delivered Data Protection Platform. Supplementing data classification and rule-based policies, the Digital Guardian Data Protection Platform now delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data. Digital Guardian’s UEBA capabilities significantly enhance its Data Loss Prevention (DLP) and Endpoint Detection and Response (EDR) applications for more effective identification, mitigation and communication of enterprise data risk.

The Digital Guardian Data Protection Platform extends beyond its statistical means to leverage advanced machine learning techniques to gain an understanding of how both users and entities typically behave within an environment. By first establishing a baseline of normal activity, Digital Guardian can identify anomalies amongst vast data sets to trigger alarms when detecting changes in user and system workflows, application executions, and data accessed or moved. Digital Guardian delivers the added visibility and context to enable faster and more accurate determination of real risk.

“Effective data security begins by understanding the risk associated with how users and systems interact with data,” said Ken Levine, president and chief executive officer, Digital Guardian. “CISOs are in the business of managing risk and our UEBA technology enables them to make more effective business decisions. Digital Guardian is introducing an innovative risk based approach to threat prioritization – we are enabling security teams to not only reduce incident remediation times with high fidelity alarms, but also prioritizing the most important and severe alarms targeting organizations’ sensitive data.”

The UEBA capabilities are visualized through a unique Executive Risk Dashboard, which combines the ability for security analysts and business leaders to view the most suspicious behaviors in their enterprise and rapidly pivot into full details of the anomalies, data loss events and suspicious endpoint activity. This also enables organizations to visualize, assess and understand their risk posture more effectively, allowing executives to have deeper policy discussions and set appropriate controls for safe-guarding sensitive data.

“We are constantly innovating our cloud-delivered Digital Guardian Data Protection Platform, and our new UEBA capabilities provide our customers with more effective risk management and deeper visibility into suspicious activities,” said David Karp, chief product officer, Digital Guardian. “We have rounded out the triumvirate of key capabilities by combining behavioral analytics, data loss prevention, and endpoint detection and response and are uniquely capable of understanding sensitive data and protecting it from all threats – whether they originate with a trusted insider or external adversary.”

“UEBA can be useful for every data protection program as it enables enhanced detection for insider threats and identifies potential anomalous activity in real-time. This can help accelerate investigations and time to resolution,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Integrating UEBA into the Digital Guardian Data Protection Platform can provide a higher level of protection for corporations looking to protect their most sensitive data and critical assets.”

Key Benefits of Combining UEBA Capabilities with the DG Data Protection Platform

Prioritize and Investigate the Most Serious Risks – Digital Guardian UEBA monitors the most comprehensive set of behavioral events about your systems, users and data, and quickly pinpoints anomalies. Digital Guardian can collect and preserve chain-of-custody forensic evidence including capture files, system artifacts, screenshots and keystrokes, allowing incidents to be reconstructed in their full context. Alarms are triggered for the highest fidelity indicators that warrant additional investigation.

Detect and Mitigate Threats Faster – accurately identify and stop insider threats by employees, contractors and privileged users before sensitive data leaves the organization. Real-time user and entity analytics understands which behaviors or actions deviate from baseline activities and represent risk. Digital Guardian’s deep visibility and automated data classification gives context to those actions by highlighting the behaviors targeting the most sensitive assets. Flexible, and automated controls allow benign actions but block risky or unusual behavior.

Reduce Dwell Time – Digital Guardian’s cloud-delivered Data Protection Platform can detect threats and stop data exfiltration from internal and external threats. User and entity behaviors are aggregated to create risk scores to help analysts identify actions that are indicative of real threats. Once confirmed, analysts can blacklist processes across the enterprise from virtually any screen enabling faster and more accurate response for real-time remediation. Policy changes can also be made from the same screen.

Security Analyst-Approved Dashboards and Workspaces for Guided Responses – Digital Guardian’s expert team of threat hunters, incident responders, and information security analysts developed workspaces to guide security professionals to the events that matter when identifying anomalous and suspicious insider activity. Digital Guardian’s Executive Risk Dashboard aggregates risk scores to simplify communicating risks to other executives and board members, while providing granular access to the individual behaviors and events security teams require to identify activity compromising systems and data, then build and enforce policies to protect sensitive information.

To learn more please read the Digital Guardian UEBA Solution Sheet or visit: https://info.digitalguardian.com/rs/768-OQW-145/images/DG-UEBA-datasheet.pdf.

ABOUT DIGITAL GUARDIAN

Digital Guardian provides the industry’s only threat aware data protection platform that is purpose built to stop data theft from both insider threats and external adversaries. The Digital Guardian platform performs across the corporate network, traditional endpoints, mobile devices and cloud applications and is buttressed by a big data security analytics cloud service, to make it easier to see and block all threats to sensitive information. For almost 15 years, it has enabled data-rich organizations to protect their most valuable assets with a choice of on premises, SaaS or managed service deployment. Digital Guardian’s unique data awareness combined with behavioral threat detection and response, enables you to protect data without slowing the pace of your business. To learn more please visit: https://digitalguardian.com/.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online
Kelly Sheridan, Staff Editor, Dark Reading,  8/21/2019
New FISMA Report Shows Progress, Gaps in Federal Cybersecurity
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/21/2019
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15516
PUBLISHED: 2019-08-23
Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
CVE-2019-15517
PUBLISHED: 2019-08-23
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal.
CVE-2019-15518
PUBLISHED: 2019-08-23
Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler.
CVE-2019-15519
PUBLISHED: 2019-08-23
Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.
CVE-2019-15520
PUBLISHED: 2019-08-23
comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory.