Skip to main content

Why is Critical Infrastructure So Vulnerable to Insider Threats?

Why is Critical Infrastructure so Vulnerable to Insider Threats?

A recent article in the Washington Post “Russia has developed a cyberweapon that can disrupt power grids, according to new research” came as a real reminder of the constant risk critical infrastructure operators face. The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system in Ukraine but could be deployed against U.S. electric transmission and distribution systems. The consequences of insider threats to critical infrastructure operators are much greater[…]

Read more

Topics: SECURITY

5 Aspects to Consider When Evaluating SIEM Solutions

Considering SIEM Solutions

The SIEM category is quite mature; all Magic-Quadrant-Leader products are more than a decade old. In fact, the youngest product is 14 years old. When these products were in their prime, design requirements were different: an enterprise-class product might be expected to store 50 TB of logs; correlation rules were considered a major advance over signatures for detection; searches were judged on speed and it was acceptable to require complex search syntax; finally, the hard[…]

Read more

Topics: SIEM

Check Out Exabeam Incident Responder

One of the most common questions we heard when talking to potential customers about our UEBA product was “Okay, your system found something. Now what do I do?” It was eye-opening to see so many organizations that simply didn’t have response processes defined, and had limited tools to run those processes, anyway. This lack of incident response expertise drove the development of our recently-announced Exabeam Incident Responder product. Incident Responder goes far beyond the automatic[…]

Read more

Topics: SECURITY

McAfee Labs Report Finds 93 Percent of Security Operations Center Managers Overwhelmed by Alerts and Unable to Triage Potential Threats

This is a very interesting report from our partner, Intel Security/McAfee. Some interesting bits: Enterprise security operations center survey found 93 percent of respondents acknowledged being unable to triage all potential cyber threats. On average, organizations are unable to sufficiently investigate 25 percent of security alerts. 67 percent of respondents reported an increase in security incidents. 26 percent acknowledge operating in a reactive mode despite having a plan for a proactive security operation. New ransomware[…]

Read more

Topics: SECURITY

Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?"

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their[…]

Read more

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS, Uncategorized

Exabeam Announces First Ever Scholarship Competition

Exabeam College Scholarship

As part of our commitment to the future fight against cyber-crime, we are excited to announce details related to our first ever college scholarship essay contest. The contest, which is now open to applicants, offers a top prize of $1,000 to legal U.S. residents who are currently enrolled as a full-time student at any accredited college or university in the United States. In addition, all applicants are required to carry a minimum cumulative GPA of[…]

Read more

Topics: Uncategorized

UEBA: When "E" Doesn't Stand for "Easy"

Three-letter acronyms are easy to remember and pronounce – adding more letters usually just adds friction. When Gartner renamed the User Behavior Analytics market from UBA to UEBA (i.e. User and Entity BA), it made the term more clunky but even more relevant. Most organizations understand the threat posed by user insiders, whether malicious or compromised. However, many don’t yet see the risks from “insider” machines, or as Gartner calls them, entities. While we are[…]

Read more

Topics: data science, ransomware, SECURITY

Finding a Security Unicorn

A recent post on securityintelligence.com is unlikely to surprise anyone who’s been paying attention to the cybersecurity job market. According to a new Cybersecurity Ventures report, the unemployment rate for cybersecurity jobs is currently zero. On average, there are two open jobs available for every candidate, with over 1 million open IT security positions. Companies are making it worse by trying to hire security unicorns: analysts with skillsets so broad that no person has them[…]

Read more

Topics: SECURITY, Uncategorized

Introducing Exabeam Threat Hunter

Today we announced the availability of Exabeam Threat Hunter, a new product that raises the bar for the UBA market. While UBA is focused on using data science to notify an analyst about users who deserve attention, Threat Hunter completes the picture by giving an analyst the ability to query, pivot, and drill down into user sessions that match any combination of attributes and activities. In short, if UBA is about the machine telling the analyst[…]

Read more

Topics: data science, SECURITY

Exabeam as a Service?

As an independent software vendor, Exabeam is focused on building the best security intelligence platform in the world. Whether a customer buys a physical or virtual appliance from us, we are completely focused on building and delivering the best product for understanding user behavior and detecting and responding to threats. However, some organizations are looking for a broader solution for their security operations centers (SOCs), and they ask if Exabeam can be purchased as a[…]

Read more

Topics: CUSTOMERS
2017