Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?"

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their[…]

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS, Uncategorized

Exabeam Announces First Ever Scholarship Competition

As part of our commitment to the future fight against cyber-crime, we are excited to announce details related to our first ever college scholarship essay contest. The contest, which is now open to applicants, offers a top prize of $1,000 to legal U.S. residents who are currently enrolled as full-time students at any accredited college or university in the United States. In addition, all applicants are required to carry a minimum cumulative GPA of[…]

Topics: Uncategorized

UEBA: When "E" Doesn't Stand for "Easy"

Three-letter acronyms are easy to remember and pronounce – adding more letters usually just adds friction. When Gartner renamed the User Behavior Analytics market from UBA to UEBA (i.e. User and Entity BA), it made the term more clunky but even more relevant. Most organizations understand the threat posed by user insiders, whether malicious or compromised. However, many don’t yet see the risks from “insider” machines, or as Gartner calls them, entities. While we are[…]

Topics: data science, ransomware, SECURITY

Finding a Security Unicorn

A recent post on securityintelligence.com is unlikely to surprise anyone who’s been paying attention to the cybersecurity job market. According to a new Cybersecurity Ventures report, the unemployment rate for cybersecurity jobs is currently zero. On average, there are two open jobs available for every candidate, with over 1 million open IT security positions. Companies are making it worse by trying to hire security unicorns: analysts with skillsets so broad that no person has them[…]

Topics: SECURITY, Uncategorized

Who do I belong to? Dynamic Peer Analysis for UEBA Explained

In user and entity behavior analytics (UEBA), a security alert is best viewed in context as discussed in my past webinar. A user’s peer groups provide useful context to identify and calibrate that user’s alerts. If a user does something unusual on the network, such as logging on to a server or accessing an application for the first time, we may reduce or amplify the risk score of this activity depending on whether the peers[…]

Topics: data science, SECURITY, Uncategorized

No SIEM? No Problem!

What kinds of imagery are conjured up when you think about a Security Operations Center (SOC)? Perhaps a militaristic setting straight out of the movie War Games, but with upgraded tech? Or maybe a dark room with a few scruffy security analysts staring at a wall full of large monitors while they frantically hammer away on their keyboards? Possibly you’re envisioning a single security engineer wearing a nerdy T-shirt hidden away somewhere in the bustle[…]

Topics: SECURITY, TIPS AND TRICKS

The Challenge of Using a SIEM to Detect Ransomware

Ransomware is becoming more common than ever. Corporations, both large and small, are increasingly finding themselves the targets of advanced ransomware campaigns. Unfortunately, most security teams haven’t had enough experience with ransomware in corporate environments to stop infections before they run rampant. This post explores some of the challenges security teams may face when trying to use SIEM correlation rules to identify the behavior and activities associated with a ransomware infection. Zooming out for Greater[…]

Topics: ransomware, SECURITY

Beyond Detection and Response: Hidden Benefits of Exabeam

When I ask our prospective customers why they are interested in UBA and Exabeam specifically, most have a common answer: they are looking to cash in on the promise of deriving usable intelligence out of the vast amounts of data they have spent time and money collecting. Organizations want increased visibility into the activities of users on their network to detect modern attacks and respond quickly. Solving these problems is at the center of what[…]

Topics: benefits, CUSTOMERS

Exabeam Cleans Up At Network Product Guide's 2016 IT World Awards

As a software vendor, it’s always nice when the fruits of hard work, purposeful design decisions, and unwavering focus on customer feedback are recognized. Recently, Exabeam had the honor of being selected as the recipient of six awards at the 2016 Network Product Guide IT World Awards. Our goal has always been to deliver the exceptional by building products that our customers love using. Being named a winner from IT World Awards serves as a[…]

Topics: awards and recognition

A Forensics Expert's Opinion: Why Exabeam Matters

The size of hard drives, logs, and other data sources has grown immensely in the past few years. I’ve had many different roles within the DFIR (digital forensics and incident response) space, including SOC analyst, incident responder, and forensic examiner, and this massive increase in available data poses challenges in all of those areas. Fully combing through a multi-terabyte hard drive takes longer than smaller drives. Intrusion investigations can rapidly balloon from one computer to many,[…]

Topics: SECURITY