Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Analytics / New IBM App Targets Internal Threats
New IBM Security App Uses Analytics To Target Internal Threats
New IBM Security App Uses Analytics To Target Internal Threats
By Jef Cozza / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
One of the most common ways hackers penetrate networks is by stealing the credentials of users with legitimate access to those networks. Because the credentials are frequently used by authorized users for perfectly normal reasons, detecting security breaches caused by compromised logins can be difficult. But a new app from IBM will help businesses determine if the credentials or systems of their own employees have been compromised.

Called IBM QRadar User Behavior Analytics, the new feature is available as a free app via the IBM Security App Exchange. The app expands the capabilities of IBM’s QRadar platform by analyzing the usage patterns of insiders, including employees, contractors and partners, to determine if their credentials or systems have been compromised by cybercriminals, the company said.

Leveraging Existing Security Data

The biggest threat to enterprise security comes from businesses' own employees, with as many as 60 percent of data breaches stemming from insiders, according to IBM. But up to a quarter of insider data breaches happen because user credentials fall into the hands of hackers via employees, contractors or partners who are tricked by malware-laden phishing attacks or other techniques, IBM said.

“Organizations need a better way to protect themselves against insider threats -- whether they be from inadvertent actors or malicious cybercriminals with access to an organization’s inner workings and technology systems,” said Jason Corbin, vice president of strategy and offering management, IBM Security, in a statement.

The new app enables analysts to quickly pivot by using existing cybersecurity data to see the early warning signs often buried in suspicious user activities, ultimately helping them to more consistently address breaches before they occur, he said.

New Security Features

QRadar User Behavior Analytics leverages data from customers’ existing QRadar deployments, providing enterprises with a single platform to analyze and manage security events and data, according to IBM. The company said that the integration saves security analysts from having to reload and curate data from multiple platforms to identify and investigate user behavior side-by-side with other indicators of compromise that QRadar detects.

The new app provides three primary functions: risk analysis profiles; a prioritized behavioral analysis dashboard; and enhanced security data. The risk analysis profiles are created by analyzing risky user actions and applying a score to anomalous behaviors to help identify potential rogue insiders as well as suspected cybercriminals using compromised credentials.

The dashboards, meanwhile, provide analysts with better visibility and understanding of the actions that can lead users to open up malicious documents or how they gained escalated privileges. A single mouse click, or an attachment or link in a phishing email, for example, can add suspicious user activity to a watch list or permit a text-based annotation to explain the analyst’s observations.

The app also provides enhanced security data by pulling user information from an enterprise’s entire IT environment, allowing a security team to tap into the existing data set and threat intelligence in QRadar to detect threats across users and assets.

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.