Privileged threat analytics to detect in-progress attacks
Posted on 18 November 2013.
CyberArk announced the availability of Privileged Threat Analytics, an analytics solution to detect malicious privileged account behavior and disrupt in-progress attacks before damage is done to a business.


Privileged accounts have been identified as the primary target in internal and advanced external attacks. According to Mandiant, "APT intruders prefer to leverage privileged accounts where possible, such as domain administrators, service accounts with domain privileges, local administrator accounts, and privileged user accounts."

CyberArk Privileged Threat Analytics provides targeted and immediately actionable threat analytics on these attack vectors by identifying previously undetectable malicious privileged user behavior, which enables the incident response team to respond and disrupt in-progress attacks.

Key benefits include:
  • Identifies in-progress external attacks and malicious behaviour of authorised insiders
  • Detects a range of anomalies in the behaviour patterns of individual privileged users in real-time, such as a user who suddenly accesses credentials at an unusual time of day. This is a strong indicator of malicious activity or severe policy violations such as password sharing
  • Improves effectiveness of SIEM systems and incident response teams by reducing false positives
  • Stops an in-progress attack earlier in the kill chain, ensuring a less costly and time consuming remediation process
  • Continuously learns user behaviour and adjusts risk assessments based on the authorised privileged user activity patterns.
“Privileged user behaviour profiling can be a critical weapon in combating both external and internal threats by discovering abnormal behaviour early,” said Charles Kolodgy, research vice president for IDC's Security Products service. “The key to CyberArk's inventive solution is to analyse the right data – that being the activities of privileged user accounts – providing high value, actionable intelligence on a critical attack vector.”





Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals it’s our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Sep 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //