Security analytics News
February 13, 2018
ExtraHop fortifies its packet capture platform with cybersecurity analytics software, Reveal(x); Mist introduces a virtual network assistant powered by artificial intelligence.
December 12, 2017
Juniper's network security portfolio has a new version of Junos Space Security Director. The latest iteration of the management console lessens the manual labor needed to mitigate threats.
November 28, 2017
Cloud-native machine data analytics platform company Sumo Logic has rolled out a unified logs and metrics solution designed to improve the 'customer experience' of applications running on ...
October 20, 2017
Bloggers explore open network systems, look into the development of unified security operations and analytics, and recommend how to tweak an Ansible playbook.
Security analytics Get Started
Bring yourself up to speed with our introductory content
The failure to detect insider threats and a growing need to store and sort through massive amounts of data have drawn attention to user behavior analytics, sometimes called user and entity behavior analytics. According to Gartner, UBA tools deliver value for use cases such as compromised accounts, including stolen and phished credentials. They can also be used to find compromised systems and data exfiltration.
Security platforms like data loss prevention, endpoint security and cloud access security brokers will increasingly layer or incorporate UBA features to help analyze alerts and make underlying technology more useful, according to analysts. SIEM and UBA are also converging, with SIEM vendors adding UBA tools and UBA vendors building SIEM systems.
In this issue of Information Security magazine, we look at the dynamics around UBA and strategies for CISOs going forward. UBA vendors are releasing product suites targeted at security operations centers, today built around SIEM. What does the future hold for standalone UBA tools? We look at time to value and use cases, and help you sift through the noise.Continue Reading
The drive for greater security fuels IT more than ever, but fighting infosec threats depends on locating the right data sets and analyzing them efficiently. Continue Reading
Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool. Continue Reading
Evaluate Security analytics Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Learn why binary code scanners are critical to finding vulnerabilities in open source components and keeping the connected, IoT world safe. Continue Reading
Has the internet of things won a new best friend in blockchain? Ron Lifton of NetScout discusses the benefits and challenges of the newfound friendship. Continue Reading
A cloud-based sandbox can be a helpful tool for enterprises looking to bolster their intrusion prevention systems. Expert Rob Shapland explains how to leverage this technology. Continue Reading
Manage Security analytics
Learn to apply best practices and optimize your operations.
Will no longer playing by the rules help companies find insider threats? As user and entity behavior analytics gets closer to SIEM tools, enterprises take notice. Continue Reading
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
A constantly evolving threat landscape and a deepening skills crisis has more enterprises looking to a managed security service provider for help handling some of their security requirements. The trend is expected to drive strong demand for MSSPs over the next few years, especially in areas like intrusion prevention and detection systems, distributed denial-of-service mitigation, unified threat management and security information and event management (SIEM). Estimates for the overall size of the global market over the next few years range from the low $20 billion to $35 billion. That makes it one of the fastest growing segments in the security industry. What are the factors CISOs need to consider when choosing a managed security provider and what are some best practices for getting the most out of these relationships?
Enterprises have a range of options for using such services, from managed on-premises or managed customer-premise equipment services to fully outsourced, cloud-hosted options. A hybrid security model has worked for Arlington County in Virginia. The local government's security operations center is managed by in-house engineers who inherently know the network and are better positioned to respond to SIEM alerts from the MSSP. "We preferred the hybrid approach because we had the seasoned staff available to perform this aspect of the security practice," CISO David Jordan said. "It's a positive and successful approach, and the results are repeatable."
Much of the managed security provider growth is being driven by the need for increased security and compliance measures at small to medium-sized businesses. In this issue of Information Security magazine, we look at the evolution of the managed security provider and the best ways to handle these partnerships.Continue Reading
Problem Solve Security analytics Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The emergence of threat hunting programs underscores the importance of the human factor in fighting the most dangerous and costly security threats. Continue Reading
Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics. Continue Reading
In order to achieve interoperability of security tools and strengthen security, one CIO said that there must be security standards for healthcare information systems. Continue Reading