Off-the-Shelf Analytics for Every Component of the Security Infrastructure

November 09, 2017 by Rodolfo Melgoza

During the last few years, many security infrastructure vendors have realized the value of behavioral security analytics. However, most of these vendors specialize heavily, or even exclusively, within a single security sector such as Data Loss Prevention or Identity Access Management. This razor-sharp focus helps these vendors excel in their specific sector, but often means that they don’t have the resources in-house to add behavioral analytics, even though they see the need and value.

Fortunately, one of the innovative and unique features of Fortscale is its ability to provide off-the-shelf analytics for numerous types of security products. Fortscale Presidio is the only product in the industry that was specifically designed to provide canned behavior analytics for virtually every component within a typical security infrastructure.

Through innovative SMART Kits, Presidio enables security product developers to easily add industry-leading behavior analytics to their products that will meet very specific use cases.

Here are a few examples showing how various security infrastructure vendors can use Presidio SMART Kits to make behavior analytics a native feature of their products:

Security Incident and Event Management (SIEM)

The SIEM can use SMART Kits to provide new investigative capabilities to uncover insider threats. Presidio can enrich the data of the SIEM to provide behavioral analytics and risk scores on users and entities that can replace rule-based correlation engines to improve detection accuracy and expedite investigations.

Endpoint Detection and Response (EDR) & Endpoint Protection Platform (EPP)

EDR and EPP solutions leverage the insights of the SMART Kits to expand their visibility into the malicious behaviors of users, leveraging best-of-breed machine learning to identify risky activity and insider threats.

Data Loss Prevention (DLP)

The DLP can integrate SMART Kits to enhance their ability to identify internal threats, adding machine learning and advanced investigation capabilities that dramatically improve the accuracy and relevancy of their alerts.

Identity and Access Management (IAM) & Identity Governance and Administration (IGA)

IAM solutions can benefit from the insights of Presidio’s SMART Kits to improve their enforcement, dynamically adjust entitlements based on user/entity risk assessments and intelligence to minimize the attack surface, and make risk-based policy adjustments.

Cloud Access Security Broker (CASB)

CASB gateways can benefit from the visibility the SMART Kits add into the activity of users within the organization. The behavioral analytics enable them to better understand and prioritize events and to identify threats and risks.

Network Solutions (IPS, FW, GW, etc.)

Network security solutions, such as firewalls, gateways and intrusion prevention systems (IPSes), can use SMART Kits to layer in behavioral analytics to improve their attack detection and response capabilities. The embedded intelligence can reduce alert noise through alert prioritization, so the solutions can home in on risks and automate remediation to reduce the impact of an attack.

With Fortscale Presidio, security vendors can now achieve their goal of adding User and Entity Behavioral Analytics (UEBA) natively within their products.

 

Read the latest ESG Lab Report about Embedded Advanced Behavioral Analytics

 

Rodolfo Melgoza

Rodolfo Melgoza is the Marketing Manager at Fortscale.
