Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

8/7/2018
09:17 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Digital Guardian Releases New User and Entity Behavior Analytics Capability

Delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data.

Las Vegas, Nevada – August 7, 2018 Digital Guardian today announced that it has released new User and Entity Behavior Analytics (UEBA) capabilities for its cloud-delivered Data Protection Platform. Supplementing data classification and rule-based policies, the Digital Guardian Data Protection Platform now delivers advanced analytics and anomaly-based detection to give deeper insight into suspicious activities surrounding sensitive data. Digital Guardian’s UEBA capabilities significantly enhance its Data Loss Prevention (DLP) and Endpoint Detection and Response (EDR) applications for more effective identification, mitigation and communication of enterprise data risk.

The Digital Guardian Data Protection Platform extends beyond its statistical means to leverage advanced machine learning techniques to gain an understanding of how both users and entities typically behave within an environment. By first establishing a baseline of normal activity, Digital Guardian can identify anomalies amongst vast data sets to trigger alarms when detecting changes in user and system workflows, application executions, and data accessed or moved. Digital Guardian delivers the added visibility and context to enable faster and more accurate determination of real risk.

“Effective data security begins by understanding the risk associated with how users and systems interact with data,” said Ken Levine, president and chief executive officer, Digital Guardian. “CISOs are in the business of managing risk and our UEBA technology enables them to make more effective business decisions. Digital Guardian is introducing an innovative risk based approach to threat prioritization – we are enabling security teams to not only reduce incident remediation times with high fidelity alarms, but also prioritizing the most important and severe alarms targeting organizations’ sensitive data.”

The UEBA capabilities are visualized through a unique Executive Risk Dashboard, which combines the ability for security analysts and business leaders to view the most suspicious behaviors in their enterprise and rapidly pivot into full details of the anomalies, data loss events and suspicious endpoint activity. This also enables organizations to visualize, assess and understand their risk posture more effectively, allowing executives to have deeper policy discussions and set appropriate controls for safe-guarding sensitive data.

“We are constantly innovating our cloud-delivered Digital Guardian Data Protection Platform, and our new UEBA capabilities provide our customers with more effective risk management and deeper visibility into suspicious activities,” said David Karp, chief product officer, Digital Guardian. “We have rounded out the triumvirate of key capabilities by combining behavioral analytics, data loss prevention, and endpoint detection and response and are uniquely capable of understanding sensitive data and protecting it from all threats – whether they originate with a trusted insider or external adversary.”

“UEBA can be useful for every data protection program as it enables enhanced detection for insider threats and identifies potential anomalous activity in real-time. This can help accelerate investigations and time to resolution,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Integrating UEBA into the Digital Guardian Data Protection Platform can provide a higher level of protection for corporations looking to protect their most sensitive data and critical assets.”

Key Benefits of Combining UEBA Capabilities with the DG Data Protection Platform

Prioritize and Investigate the Most Serious Risks – Digital Guardian UEBA monitors the most comprehensive set of behavioral events about your systems, users and data, and quickly pinpoints anomalies. Digital Guardian can collect and preserve chain-of-custody forensic evidence including capture files, system artifacts, screenshots and keystrokes, allowing incidents to be reconstructed in their full context. Alarms are triggered for the highest fidelity indicators that warrant additional investigation.

Detect and Mitigate Threats Faster – accurately identify and stop insider threats by employees, contractors and privileged users before sensitive data leaves the organization. Real-time user and entity analytics understands which behaviors or actions deviate from baseline activities and represent risk. Digital Guardian’s deep visibility and automated data classification gives context to those actions by highlighting the behaviors targeting the most sensitive assets. Flexible, and automated controls allow benign actions but block risky or unusual behavior.

Reduce Dwell Time – Digital Guardian’s cloud-delivered Data Protection Platform can detect threats and stop data exfiltration from internal and external threats. User and entity behaviors are aggregated to create risk scores to help analysts identify actions that are indicative of real threats. Once confirmed, analysts can blacklist processes across the enterprise from virtually any screen enabling faster and more accurate response for real-time remediation. Policy changes can also be made from the same screen.

Security Analyst-Approved Dashboards and Workspaces for Guided Responses – Digital Guardian’s expert team of threat hunters, incident responders, and information security analysts developed workspaces to guide security professionals to the events that matter when identifying anomalous and suspicious insider activity. Digital Guardian’s Executive Risk Dashboard aggregates risk scores to simplify communicating risks to other executives and board members, while providing granular access to the individual behaviors and events security teams require to identify activity compromising systems and data, then build and enforce policies to protect sensitive information.

To learn more please read the Digital Guardian UEBA Solution Sheet or visit: https://info.digitalguardian.com/rs/768-OQW-145/images/DG-UEBA-datasheet.pdf.

ABOUT DIGITAL GUARDIAN

Digital Guardian provides the industry’s only threat aware data protection platform that is purpose built to stop data theft from both insider threats and external adversaries. The Digital Guardian platform performs across the corporate network, traditional endpoints, mobile devices and cloud applications and is buttressed by a big data security analytics cloud service, to make it easier to see and block all threats to sensitive information. For almost 15 years, it has enabled data-rich organizations to protect their most valuable assets with a choice of on premises, SaaS or managed service deployment. Digital Guardian’s unique data awareness combined with behavioral threat detection and response, enables you to protect data without slowing the pace of your business. To learn more please visit: https://digitalguardian.com/.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16669
PUBLISHED: 2019-09-21
The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.
CVE-2019-16656
PUBLISHED: 2019-09-21
joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.
CVE-2019-16657
PUBLISHED: 2019-09-21
TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.
CVE-2019-16658
PUBLISHED: 2019-09-21
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
CVE-2019-16659
PUBLISHED: 2019-09-21
TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.