Skip to main content

LIFE AT EXABEAM

Data Science And Stateful User Tracking: The Two Key UBA Enablers

A big topic at recent security conferences has been the use of user behavior analytics (UBA) to assess cyber security risk. This approach is enabled by the recent application of data science and data modeling. However, any data science has to be supported by a platform designed from the ground up to enable this effort. In this blog, I’ll share thoughts on the areas where data science are most effective for UBA, and how data[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY, TIPS AND TRICKS

Challenges Of Building A Security Data Science Practice

A security executive recently reflected with me on his experience in building the security analytics practice in his enterprise. They have come a long way, having hired a couple of data scientists and setup the requisite Big Data infrastructure.  While some lessons are learned, some challenges remain.  As a data scientist who loves to get his hands dirty with data, I believe there are clear benefits to building data science models to target emerging use[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM

What's Wrong With Today's Security Technologies and Processes?

In general, today’s security operations center (SOC) monitors security alerts and alarms from security products and threats indicated by a security information and event management system (SIEM). These alerts and threats turn into cases that funnel into a workflow system in use by the security team. After initial review to determine if the alert is a false positive, additional data is gathered so that analysis can take place. To put it another way, the security[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Data Science, Engineering and Security: 3 Legs of User Behavior Analytics

The term “user behavior analytics” (UBA) has been abuzz in the cyber security community since last year. Gartner formally declared UBA as a space for security vendors[1] last year; we also saw higher level of UBA activities in at this year’s RSA conference than before. This is a topic that I hold dear. Prior to joining Exabeam, I had been working on general behavior modeling for enterprise applications using security logs for the past few[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Security Breaches and the “Crown Jewels” of Creativity and Research

The resent data breach at Penn State was a reminder to me of how much research and intellectual property is created at America’s universities. Research in quantum computing, materials science, and missile propulsion systems are a tiny fraction of the intellectual property and research being worked on by universities under contract with and a wide variety of defense agencies or waiting for commercialization. This isn’t limited to the US. In the UK the Guardian reports,[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

Passing the Hash Like It's 1999!

I wanted to start this post with a recap about the history of Pass-the-Hash (PTH) attacks and how they were a major threat; yet, is no  longer today. I really did.  In the last few weeks, I have been modeling behaviors of users in NTLM rich environments, only to learn that Pass-the-Hash still goes undetected after all those years. Further, NTLM is here to stay, at least for a while longer. Having said that, with user[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY, TIPS AND TRICKS

With the RSA 2015 Security Conference Behind Us, What do I do Now?

Observations Before long, RSA will be a distant memory. This was the year that people started to realize that spending additional dollars on yesterday’s solutions to address today’s new security problems isn’t a winning strategy. Several keynote addresses (that seemed somewhat controversial) reflected this reality. Some of the larger vendors at RSA that have been hyping evolutionary advances on top of traditional technologies actually took to the stage to tell everyone else that security mindsets[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

My RSA Expectations – Blinding Spotlights

Having been to more RSA events than I am willing to admit, the highlight for me is always watching for new products being released and security startups coming out of stealth showing their never-before-seen technologies to detect data breaches before they happen. At this year’s RSA event most of the older more mature technologies will be found in north building and most of the security startups with new ideas will be found in the south[…]

Read more

Topics: CUSTOMERS, LIFE AT EXABEAM, SECURITY

Attack of the Cyber Vampires--phishing at the White House

OK — my apologies up front for the headline but the analogy is too apt not to use. In Bram Stoker’s 1897 book Dracula, there’s a famous scene where Dracula is outside a castle window looking into the character Mina’s bedroom. He uses his powers to wake her from an erotic dream and still in a trance she walks to the window. Dracula is pretty happy because the only way a vampire can enter the[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY

The Expanding Attack Surface: A Common Sense Security Approach

Recently, I had the pleasure of reading Jon Olsik’s opinion piece on The Increasing Cybersecurity Attack Surface. I agree with many of the opinions put forward in the piece. Those business advancements that leverage the Internet to offer new services to customers, streamline business processes, or create virtual supply chains have risk trade-offs. The need to adopt technologies to generate greater profits has always been placed ahead of the potential risk of implementation. Meanwhile, security[…]

Read more

Topics: LIFE AT EXABEAM, SECURITY
2017