Digital
Guardian (DG) today announced that it has released new User
and Entity Behavior Analytics (UEBA) capabilities for its
cloud-delivered Data Protection Platform. Supplementing data
classification and rule-based policies, the Digital
Guardian Data Protection Platform now delivers advanced analytics
and anomaly-based detection to give deeper insight into suspicious
activities surrounding sensitive data. Digital Guardian’s UEBA
capabilities significantly enhance its Data
Loss Prevention (DLP) and Endpoint
Detection and Response (EDR) applications for more effective
identification, mitigation and communication of enterprise data risk.
The Digital Guardian Data Protection Platform extends beyond its
statistical means to leverage advanced machine learning techniques to
gain an understanding of how both users and entities typically behave
within an environment. By first establishing a baseline of normal
activity, Digital Guardian can identify anomalies amongst vast data sets
to trigger alarms when detecting changes in user and system workflows,
application executions, and data accessed or moved. Digital Guardian
delivers the added visibility and context to enable faster and more
accurate determination of real risk.
“Effective data security begins by understanding the risk associated
with how users and systems interact with data,” said Ken Levine,
president and chief executive officer, Digital Guardian. “CISOs are in
the business of managing risk and our UEBA technology enables them to
make more effective business decisions. Digital Guardian is introducing
an innovative risk based approach to threat prioritization – we are
enabling security teams to not only reduce incident remediation times
with high fidelity alarms, but also prioritizing the most important and
severe alarms targeting organizations’ sensitive data.”
The UEBA capabilities are visualized through a unique Executive Risk
Dashboard, which combines the ability for security analysts and business
leaders to view the most suspicious behaviors in their enterprise and
rapidly pivot into full details of the anomalies, data loss events and
suspicious endpoint activity. This also enables organizations to
visualize, assess and understand their risk posture more effectively,
allowing executives to have deeper policy discussions and set
appropriate controls for safe-guarding sensitive data.
“We are constantly innovating our cloud-delivered Digital Guardian Data
Protection Platform, and our new UEBA capabilities provide our customers
with more effective risk management and deeper visibility into
suspicious activities,” said David Karp, chief product officer, Digital
Guardian. “We have rounded out the triumvirate of key capabilities by
combining behavioral analytics, data loss prevention, and endpoint
detection and response and are uniquely capable of understanding
sensitive data and protecting it from all threats – whether they
originate with a trusted insider or external adversary.”
“UEBA can be useful for every data protection program as it enables
enhanced detection for insider threats and identifies potential
anomalous activity in real-time. This can help accelerate investigations
and time to resolution,” said Jon Oltsik, senior principal analyst,
Enterprise Strategy Group. “Integrating UEBA into the Digital Guardian
Data Protection Platform can provide a higher level of protection for
corporations looking to protect their most sensitive data and critical
assets.”
Key Benefits of Combining UEBA Capabilities
with the DG Data Protection Platform
-
Prioritize and Investigate the Most Serious Risks – Digital
Guardian UEBA monitors the most comprehensive set of behavioral events
about your systems, users and data, and quickly pinpoints anomalies.
Digital Guardian can collect and preserve chain-of-custody forensic
evidence including capture files, system artifacts, screenshots and
keystrokes, allowing incidents to be reconstructed in their full
context. Alarms are triggered for the highest fidelity indicators that
warrant additional investigation.
-
Detect and Mitigate Threats Faster – accurately identify and
stop insider threats by employees, contractors and privileged users
before sensitive data leaves the organization. Real-time user and
entity analytics understands which behaviors or actions deviate from
baseline activities and represent risk. Digital Guardian’s deep
visibility and automated data classification gives context to those
actions by highlighting the behaviors targeting the most sensitive
assets. Flexible, and automated controls allow benign actions but
block risky or unusual behavior.
-
Reduce Dwell Time – Digital Guardian’s cloud-delivered Data
Protection Platform can detect threats and stop data exfiltration from
internal and external threats. User and entity behaviors are
aggregated to create risk scores to help analysts identify actions
that are indicative of real threats. Once confirmed, analysts can
blacklist processes across the enterprise from virtually any screen
enabling faster and more accurate response for real-time remediation.
Policy changes can also be made from the same screen.
-
Security Analyst-Approved Dashboards and Workspaces for Guided
Responses – Digital Guardian’s expert team of threat hunters,
incident responders, and information security analysts developed
workspaces to guide security professionals to the events that matter
when identifying anomalous and suspicious insider activity. Digital
Guardian’s Executive Risk Dashboard aggregates risk scores to simplify
communicating risks to other executives and board members, while
providing granular access to the individual behaviors and events
security teams require to identify activity compromising systems and
data, then build and enforce policies to protect sensitive information.
To learn more please read the Digital Guardian UEBA Solution Sheet: https://info.digitalguardian.com/rs/768-OQW-145/images/DG-UEBA-datasheet.pdf.
About Digital Guardian
Digital Guardian provides the industry’s only data protection platform
that is purpose built to stop data theft from both insiders and external
adversaries. The Digital Guardian Data Protection Platform performs
across the corporate network, traditional endpoints and cloud
applications and is buttressed by the DG Cloud, a big data security
analytics backend, purpose built to see and block all threats to
sensitive information. For more than 15 years, it has enabled data-rich
organizations to protect their most valuable assets with a choice of on
premises, SaaS or managed service deployment. Digital Guardian’s unique
data awareness combined with behavioral threat detection and response,
enables you to protect data without slowing the pace of your business.
To learn more please visit: https://digitalguardian.com/.
View source version on businesswire.com: https://www.businesswire.com/news/home/20180807005732/en/