How user and entity behaviour leads to a more secure critical infrastructure

No ratings

Presented at AnnualCyberSecurityExecForum 2016 by

Alex Challis

The hardest problem for security teams is separating risky behaviours from normal user behaviours. Employees, contractors and the attackers that impersonate them have different objectives and divergent behaviours. Subtle behavioural differences and access characteristics aren’t captured and tracked in your security information and event management system. Learn how Exabeam leverages the log data you are already collecting to connect the dots across multiple sessions, IP addresses, devices, and account credentials. Determining risky vs normal behaviour and assigning risk to catch advanced attacks before they can spread. And why by fitting these activities together over time, Exabeam automates much of the investigation process, guiding analysts and dramatically increasing productivity and effectiveness of SOCs and CERTs.