Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

8/7/2018
09:17 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Digital Guardian Releases New User and Entity Behavior Analytics Capability

Delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data.

Las Vegas, Nevada – August 7, 2018 Digital Guardian today announced that it has released new User and Entity Behavior Analytics (UEBA) capabilities for its cloud-delivered Data Protection Platform. Supplementing data classification and rule-based policies, the Digital Guardian Data Protection Platform now delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data. Digital Guardian’s UEBA capabilities significantly enhance its Data Loss Prevention (DLP) and Endpoint Detection and Response (EDR) applications for more effective identification, mitigation and communication of enterprise data risk.

The Digital Guardian Data Protection Platform extends beyond its statistical means to leverage advanced machine learning techniques to gain an understanding of how both users and entities typically behave within an environment. By first establishing a baseline of normal activity, Digital Guardian can identify anomalies amongst vast data sets to trigger alarms when detecting changes in user and system workflows, application executions, and data accessed or moved. Digital Guardian delivers the added visibility and context to enable faster and more accurate determination of real risk.

“Effective data security begins by understanding the risk associated with how users and systems interact with data,” said Ken Levine, president and chief executive officer, Digital Guardian. “CISOs are in the business of managing risk and our UEBA technology enables them to make more effective business decisions. Digital Guardian is introducing an innovative risk based approach to threat prioritization – we are enabling security teams to not only reduce incident remediation times with high fidelity alarms, but also prioritizing the most important and severe alarms targeting organizations’ sensitive data.”

The UEBA capabilities are visualized through a unique Executive Risk Dashboard, which combines the ability for security analysts and business leaders to view the most suspicious behaviors in their enterprise and rapidly pivot into full details of the anomalies, data loss events and suspicious endpoint activity. This also enables organizations to visualize, assess and understand their risk posture more effectively, allowing executives to have deeper policy discussions and set appropriate controls for safe-guarding sensitive data.

“We are constantly innovating our cloud-delivered Digital Guardian Data Protection Platform, and our new UEBA capabilities provide our customers with more effective risk management and deeper visibility into suspicious activities,” said David Karp, chief product officer, Digital Guardian. “We have rounded out the triumvirate of key capabilities by combining behavioral analytics, data loss prevention, and endpoint detection and response and are uniquely capable of understanding sensitive data and protecting it from all threats – whether they originate with a trusted insider or external adversary.”

“UEBA can be useful for every data protection program as it enables enhanced detection for insider threats and identifies potential anomalous activity in real-time. This can help accelerate investigations and time to resolution,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Integrating UEBA into the Digital Guardian Data Protection Platform can provide a higher level of protection for corporations looking to protect their most sensitive data and critical assets.”

Key Benefits of Combining UEBA Capabilities with the DG Data Protection Platform

Prioritize and Investigate the Most Serious Risks – Digital Guardian UEBA monitors the most comprehensive set of behavioral events about your systems, users and data, and quickly pinpoints anomalies. Digital Guardian can collect and preserve chain-of-custody forensic evidence including capture files, system artifacts, screenshots and keystrokes, allowing incidents to be reconstructed in their full context. Alarms are triggered for the highest fidelity indicators that warrant additional investigation.

Detect and Mitigate Threats Faster – accurately identify and stop insider threats by employees, contractors and privileged users before sensitive data leaves the organization. Real-time user and entity analytics understands which behaviors or actions deviate from baseline activities and represent risk. Digital Guardian’s deep visibility and automated data classification gives context to those actions by highlighting the behaviors targeting the most sensitive assets. Flexible, and automated controls allow benign actions but block risky or unusual behavior.

Reduce Dwell Time – Digital Guardian’s cloud-delivered Data Protection Platform can detect threats and stop data exfiltration from internal and external threats. User and entity behaviors are aggregated to create risk scores to help analysts identify actions that are indicative of real threats. Once confirmed, analysts can blacklist processes across the enterprise from virtually any screen enabling faster and more accurate response for real-time remediation. Policy changes can also be made from the same screen.

Security Analyst-Approved Dashboards and Workspaces for Guided Responses – Digital Guardian’s expert team of threat hunters, incident responders, and information security analysts developed workspaces to guide security professionals to the events that matter when identifying anomalous and suspicious insider activity. Digital Guardian’s Executive Risk Dashboard aggregates risk scores to simplify communicating risks to other executives and board members, while providing granular access to the individual behaviors and events security teams require to identify activity compromising systems and data, then build and enforce policies to protect sensitive information.

To learn more please read the Digital Guardian UEBA Solution Sheet or visit: https://info.digitalguardian.com/rs/768-OQW-145/images/DG-UEBA-datasheet.pdf.

ABOUT DIGITAL GUARDIAN

Digital Guardian provides the industry’s only threat aware data protection platform that is purpose built to stop data theft from both insider threats and external adversaries. The Digital Guardian platform performs across the corporate network, traditional endpoints, mobile devices and cloud applications and is buttressed by a big data security analytics cloud service, to make it easier to see and block all threats to sensitive information. For almost 15 years, it has enabled data-rich organizations to protect their most valuable assets with a choice of on premises, SaaS or managed service deployment. Digital Guardian’s unique data awareness combined with behavioral threat detection and response, enables you to protect data without slowing the pace of your business. To learn more please visit: https://digitalguardian.com/.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18987
PUBLISHED: 2019-11-15
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.
CVE-2019-18986
PUBLISHED: 2019-11-15
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
CVE-2019-18981
PUBLISHED: 2019-11-15
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
CVE-2019-18982
PUBLISHED: 2019-11-15
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.
CVE-2019-18985
PUBLISHED: 2019-11-15
Pimcore before 6.2.2 lacks brute force protection for the 2FA token.