Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

11/18/2013
12:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CyberArk Introduces Privileged Threat Analytics To Detect In-Progress Attacks

Security analytics solution detects malicious privileged account behavior

Newton, Mass. – November 18, 2013 – CyberArk, the company securing the heart of the enterprise, today announced the availability of Privileged Threat Analytics&trade, the industry's first analytics solution to detect malicious privileged account behavior and disrupt in-progress attacks before damage is done to a business.

Privileged accounts have been identified as the primary target in internal and advanced external attacks. According to security consultancy firm Mandiant, "APT intruders prefer to leverage privileged accounts where possible, such as domain administrators, service accounts with domain privileges, local administrator accounts, and privileged user accounts." [1] CyberArk Privileged Threat Analytics provides targeted and immediately actionable threat analytics on these critical attack vectors by identifying previously undetectable malicious privileged user behavior, which enables the incident response team to respond and disrupt in-progress attacks. CyberArk Privileged Threat Analytics is the industry's only targeted privileged threat analytics solution.

"Privileged accounts are the most powerful accounts in any organization because of the broad access they can provide. For us, managing and controlling this access is critical to securing the enterprise, and in achieving and maintaining compliance with numerous regulations," said Erica Beall, IT Security Systems Analyst at The Williams Companies. "Real-time analytics and alerts on privileged user activity will provide management with impactful information to maximize our security posture."

Key Benefits of CyberArk Privileged Threat Analytics Include:

· Identifies in-progress external attacks and malicious behavior of authorized insiders;

· Detects a range of anomalies in the behavior patterns of individual privileged users in real-time, such as a user who suddenly accesses credentials at an unusual time of day. This is a strong indicator of malicious activity or severe policy violations such as password sharing;

· Improves effectiveness of SIEM systems and incident response teams by reducing false positives;

· Stops an in-progress attack earlier in the kill chain, ensuring a less costly and time consuming remediation process;

· Continuously learns user behavior and adjusts risk assessments based on the authorized privileged user activity patterns.

"Privileged user behavior profiling can be a critical weapon in combating both external and internal threats by discovering abnormal behavior early," said Charles Kolodgy, Research Vice President for IDC's Security Products service. "The key to CyberArk's inventive solution is to analyze the right data – that being the activities of privileged user accounts – providing high value, actionable intelligence on a critical attack vector."

The New Security Battleground - Inside the Network

As the secure perimeter has dissolved, the new battleground for information security is inside the network. CyberArk Privileged Threat Analytics is the latest innovation in CyberArk's market leading privileged account security solution that secures an organization's most critical assets and data. By applying patented analytic technology to a rich set of privileged account behavior data from its privileged account security solution, along with contextual information from system resources, CyberArk Privileged Threat Analytics provides targeted, high value and actionable intelligence to security teams.

"Organizations must assume attackers have already penetrated the perimeter and once inside, will almost always attempt to take control of privileged accounts to advance their attack," said Roy Adar, vice president of product management, CyberArk. "Customers are asking for controls on privileged accounts, coupled with the ability to detect suspicious activity to protect their organizations from evolving threats."

CyberArk Privileged Threat Analytics will be generally available in December 2013. For more information, please visit http://www.cyberark.com/product-detail/privileged-threat-analytics. To view a video introduction to CyberArk Privileged Threat Analytics, please visit: http://youtu.be/SCZYHMrLw6U.

About CyberArk

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world's leading companies – including 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. CyberArk is a vital security partner to more than 1,400 global businesses, including 17 of the world's top 20 banks. Headquartered in Newton, MA, CyberArk also has offices throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/14/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.