Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

8/7/2018
09:17 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Digital Guardian Releases New User and Entity Behavior Analytics Capability

Delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data.

Las Vegas, Nevada – August 7, 2018 Digital Guardian today announced that it has released new User and Entity Behavior Analytics (UEBA) capabilities for its cloud-delivered Data Protection Platform. Supplementing data classification and rule-based policies, the Digital Guardian Data Protection Platform now delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data. Digital Guardian’s UEBA capabilities significantly enhance its Data Loss Prevention (DLP) and Endpoint Detection and Response (EDR) applications for more effective identification, mitigation and communication of enterprise data risk.

The Digital Guardian Data Protection Platform extends beyond its statistical means to leverage advanced machine learning techniques to gain an understanding of how both users and entities typically behave within an environment. By first establishing a baseline of normal activity, Digital Guardian can identify anomalies amongst vast data sets to trigger alarms when detecting changes in user and system workflows, application executions, and data accessed or moved. Digital Guardian delivers the added visibility and context to enable faster and more accurate determination of real risk.

“Effective data security begins by understanding the risk associated with how users and systems interact with data,” said Ken Levine, president and chief executive officer, Digital Guardian. “CISOs are in the business of managing risk and our UEBA technology enables them to make more effective business decisions. Digital Guardian is introducing an innovative risk based approach to threat prioritization – we are enabling security teams to not only reduce incident remediation times with high fidelity alarms, but also prioritizing the most important and severe alarms targeting organizations’ sensitive data.”

The UEBA capabilities are visualized through a unique Executive Risk Dashboard, which combines the ability for security analysts and business leaders to view the most suspicious behaviors in their enterprise and rapidly pivot into full details of the anomalies, data loss events and suspicious endpoint activity. This also enables organizations to visualize, assess and understand their risk posture more effectively, allowing executives to have deeper policy discussions and set appropriate controls for safe-guarding sensitive data.

“We are constantly innovating our cloud-delivered Digital Guardian Data Protection Platform, and our new UEBA capabilities provide our customers with more effective risk management and deeper visibility into suspicious activities,” said David Karp, chief product officer, Digital Guardian. “We have rounded out the triumvirate of key capabilities by combining behavioral analytics, data loss prevention, and endpoint detection and response and are uniquely capable of understanding sensitive data and protecting it from all threats – whether they originate with a trusted insider or external adversary.”

“UEBA can be useful for every data protection program as it enables enhanced detection for insider threats and identifies potential anomalous activity in real-time. This can help accelerate investigations and time to resolution,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Integrating UEBA into the Digital Guardian Data Protection Platform can provide a higher level of protection for corporations looking to protect their most sensitive data and critical assets.”

Key Benefits of Combining UEBA Capabilities with the DG Data Protection Platform

Prioritize and Investigate the Most Serious Risks – Digital Guardian UEBA monitors the most comprehensive set of behavioral events about your systems, users and data, and quickly pinpoints anomalies. Digital Guardian can collect and preserve chain-of-custody forensic evidence including capture files, system artifacts, screenshots and keystrokes, allowing incidents to be reconstructed in their full context. Alarms are triggered for the highest fidelity indicators that warrant additional investigation.

Detect and Mitigate Threats Faster – accurately identify and stop insider threats by employees, contractors and privileged users before sensitive data leaves the organization. Real-time user and entity analytics understands which behaviors or actions deviate from baseline activities and represent risk. Digital Guardian’s deep visibility and automated data classification gives context to those actions by highlighting the behaviors targeting the most sensitive assets. Flexible, and automated controls allow benign actions but block risky or unusual behavior.

Reduce Dwell Time – Digital Guardian’s cloud-delivered Data Protection Platform can detect threats and stop data exfiltration from internal and external threats. User and entity behaviors are aggregated to create risk scores to help analysts identify actions that are indicative of real threats. Once confirmed, analysts can blacklist processes across the enterprise from virtually any screen enabling faster and more accurate response for real-time remediation. Policy changes can also be made from the same screen.

Security Analyst-Approved Dashboards and Workspaces for Guided Responses – Digital Guardian’s expert team of threat hunters, incident responders, and information security analysts developed workspaces to guide security professionals to the events that matter when identifying anomalous and suspicious insider activity. Digital Guardian’s Executive Risk Dashboard aggregates risk scores to simplify communicating risks to other executives and board members, while providing granular access to the individual behaviors and events security teams require to identify activity compromising systems and data, then build and enforce policies to protect sensitive information.

To learn more please read the Digital Guardian UEBA Solution Sheet or visit: https://info.digitalguardian.com/rs/768-OQW-145/images/DG-UEBA-datasheet.pdf.

ABOUT DIGITAL GUARDIAN

Digital Guardian provides the industry’s only threat aware data protection platform that is purpose built to stop data theft from both insider threats and external adversaries. The Digital Guardian platform performs across the corporate network, traditional endpoints, mobile devices and cloud applications and is buttressed by a big data security analytics cloud service, to make it easier to see and block all threats to sensitive information. For almost 15 years, it has enabled data-rich organizations to protect their most valuable assets with a choice of on premises, SaaS or managed service deployment. Digital Guardian’s unique data awareness combined with behavioral threat detection and response, enables you to protect data without slowing the pace of your business. To learn more please visit: https://digitalguardian.com/.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6852
PUBLISHED: 2019-11-20
A CWE-200: Information Exposure vulnerability exists in Modicon Controllers (M340 CPUs, M340 communication modules, Premium CPUs, Premium communication modules, Quantum CPUs, Quantum communication modules - see security notification for specific versions), which could cause the disclosure of FTP har...
CVE-2019-6853
PUBLISHED: 2019-11-20
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.
CVE-2013-2092
PUBLISHED: 2019-11-20
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php.
CVE-2013-2093
PUBLISHED: 2019-11-20
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.
CVE-2015-3166
PUBLISHED: 2019-11-20
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as d...