Skip to main content

Head in the Sands: One Year After the Sands Casino Data Breach

On February 10, 2014, Sands Casino properties, which owns the Venetian and Palazzo in Las Vegas, among many other global properties, fell victim to a devastating Iranian hacktivist attack. According to reports, hackers used a basic malware script along with stolen user credentials to corrupt thousands of servers, rendering hard drives unreadable. One year later, similar attacks continue to happen, and it appears we’ve learned nothing from the Sands Casino breach and others like it. What[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Why Your SIEM Doesn’t Work

This is why your security information and event management (SIEM) doesn’t work: No, it’s not Gartner’s Magic Quadrant. It has to do with a highly disproportional ratio between benign and malicious events that are collected and processed. Every event that is generated by SIEM systems in an IT environment can indicate either a benign or a malicious activity. This creates four possibility: True positives (TP): Truly malicious events that the SIEM identified as malicious. False negatives (FN): Truly[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Exabeam: Get User Behavior Intelligence in 2015

EXABEAM IS AVAILABLE! For every company, the first general availability (GA) release – Exabeam version 1.6 in our case – is a major milestone. The software is enterprise-ready, scales to monitor over 150,000 users with a single appliance, and it just plain works out-of-the-box. Exabeam enables organizations to realize the promise of their existing security information and event management (SIEM) deployments by applying user behavior intelligence to identify the attacker who evades detection from initial point-of-compromise[…]

Read more

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS

User Behavior Intelligence Drives New Security Processes

There are six key technologies that have defined our security process for the last 25 years. Some of these technologies aren’t as effective as they once were. Following a record year for data breaches, is it time to question our security processes? The answer, of course, is yes. When something is broken, you fix it. But first, a brief history lesson: In 1986, the first intrusion detection system was invented. In 1987, John McAfee released[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Data Breaches: No vertical left behind [INFOGRAPHIC]

Every business vertical and all levels of government experienced data breaches in 2014, and the outlook for 2015 isn’t encouraging. In our latest infographic, we break down 2014’s data breaches by sector and size. In the retail space, attack activity is expected to accelerate even as credit card companies roll out pin and chip technologies mandated for use in 2016. According to the 2015 “Experian Data Breach Forecast”, “Adoption requirements for EMV ’Chip and PIN‘[…]

Read more

Topics: SECURITY

The Importance of User Behavior Intelligence [WHITE PAPER]

Writing a white paper means the company has a strong grasp of a pervasive problem. In this case, it addresses finding cyberattackers using stolen credentials to access private data. According to the Ponemon Institute, it costs companies an average of $201 per record lost in a data breach. In 2014, the total number of records compromised was larger than the US population, meaning the cost to businesses would be more than half a billion dollars. And this[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Anthem's 80 million record data breach: interesting insights...

Our first large scale data breach of 2015 and its cause, according to Anthem President and CEO Joseph Swedish, is, “These attackers gained unauthorized access to Anthem’s IT systems…”. Just as with all of the largest data breaches that happened in 2014, this one involved some form of unauthorized access, whether it was through direct access or remotely controlled malware. This breach continues a three-year trend. Breaches in the medical/healthcare industry topped the ITRC 2014 Breach List, comprising 42.5 percent.[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Fixing the stolen credentials problem means fixing "us" first [VIDEO]

Behind every big data breach headline there’s an attacker that has social engineered valid credentials out of someone. People often use the same password for their personal email as they do for their workplace and the various e-commerce sites they log into. If businesses expect to prevent attackers from leveraging valid credentials, they must first start with people taking more precautions with their passwords. I’m sure many of you have seen this, but no recent[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Finding Cybercriminals with User Behavior Intelligence

On January 18, 2015, WJLA Channel 7’s Morris Jones, host of Washington DC’s Government Matters, interviewed Mark Seward, vice president of marketing at Exabeam, about attackers using valid credentials to infiltrate businesses and government agencies, and how to find them using user behavior intelligence and Stateful User Tracking™.  Today, attackers use valid credentials to access systems and navigate their way to valuable data, bypassing current security detections. User behavior intelligence supports a strategy of applying behavioral[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

The End of SIEM as We Know It, or Why I joined Exabeam

For the better part of the last decade, I’ve been fascinated by the promise of security information and event management (SIEM) systems. I joined one of the most advanced SIEM vendors as a security engineer, and worked tirelessly to make this passion a reality. The ability to monitor all security activity from a central location was a complete game-changer in my mind, and adding a querying engine that would ask any question of the data[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY
2017