Intelligent CIO North America Issue 09 | Page 38

TALKING business

BIO
Orion Cassetto, Director, Product Marketing, Exabeam, has nearly a decade of experience marketing cybersecurity and web application security products. Prior to Exabeam, Orion worked for other notable security vendors including Imperva, Incapsula, Distil Networks and Armorize Technologies. He is a security enthusiast and frequent speaker at conferences and tradeshows.
To other tools this may look like data exfiltration due to large outbound file transfers. Sales and marketing employees, who often communicate with external entities (i.e., new business leads, vendors or third-party agencies), may also easily fall victim to credential-stuffing attacks.
After stealing these users' information, hackers then move laterally within a network to gain higher-level access in hopes of obtaining private data or high-value assets.
IT
These individuals often have administrative privileges that hackers can use to obtain authorized access to high-value resources, such as a sensitive database, a user-rights management system or an authentication system. When a hacker obtains privileged-user credentials, the threat actor can move freely to high-value assets. For this reason, SOC analysts must closely monitor this category of users for anomalous activity indicative of a threat.
While the tasks of IT professionals can be both widespread and unrestricted, even a frequency spike in what would be considered normal activities by a specific network user could trigger a warning that the account has been compromised.
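The per-user frequency check described above, as an added example (not from the article and not any vendor's method): each account's count for today is scored against that account's own history, so the same volume can be routine for an administrator and a spike for a sales user. The account names, counts, 14-day window and 3.5 threshold are constructed assumptions.

```python
from statistics import median

# Constructed sample data: daily counts of privileged actions per account
# over a 14-day baseline window (hypothetical account names).
BASELINE = {
    "it-admin": [40, 55, 38, 61, 47, 52, 44, 58, 49, 42, 57, 50, 46, 53],
    "sales-01": [2, 0, 1, 3, 1, 0, 2, 1, 2, 0, 1, 3, 1, 2],
}


def robust_z(history, today):
    """Modified z-score of today's count against this account's own history.

    Median and MAD are used instead of mean and standard deviation so that
    one earlier noisy day does not inflate the baseline and hide a spike.
    """
    med = median(history)
    mad = median(abs(x - med) for x in history)
    scale = 1.4826 * mad if mad else 1.0  # flat history: avoid divide-by-zero
    return (today - med) / scale


def flag_spikes(baseline, today_counts, threshold=3.5, min_days=7):
    """Return {account: score} for accounts whose activity spiked today."""
    alerts = {}
    for account, today in today_counts.items():
        history = baseline.get(account, [])
        if len(history) < min_days:
            continue  # too little history to call anything abnormal
        score = robust_z(history, today)
        if score >= threshold:  # only upward spikes are of interest here
            alerts[account] = round(score, 1)
    return alerts


if __name__ == "__main__":
    # 40 actions is an ordinary day for the admin but a spike for sales-01.
    print(flag_spikes(BASELINE, {"it-admin": 40, "sales-01": 40}))
    # The admin doing the usual kind of work at roughly 3x the usual rate.
    print(flag_spikes(BASELINE, {"it-admin": 140, "sales-01": 3}))
```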
Using behavioral analytics to detect threats sooner
As businesses and their employees continue to endure and thrive in work-from-home arrangements, their reliance on cloud-based resources and network activity grows more complex. For this reason, behavioral analytics is one of the most rapidly adopted technologies within enterprise security and is being used to detect and investigate advanced threats.
This adaptable and customizable approach uses behavioral analysis of users and also of non-user entities like routers, servers and endpoints that legacy solutions are unable to address.
Behavioral analytics solutions vary, drawing on different combinations of Artificial Intelligence and Machine Learning, advanced analytics, data enrichment and data science to effectively combat complex threats.
By looking at the entire picture, SOC teams can get a better estimate of a potential alert's context so that they can calibrate risk scores more realistically and avoid a high number of false positives.
This approach combines all data sources with analytics so that security analysts can get a low-volume, high-fidelity feed and stop drowning in endless noise, enabling them to remain vigilant and detect suspicious behaviors from the C-suite all the way to IT.