Separate True Security Risk from Everyday Account Lockouts - Exabeam

Separate True Security Risk from Everyday Account Lockouts

Published
September 21, 2015

Author
Barry Shteiman

It’s one of the most persistent, costly annoyances IT security teams face. Hundreds or even thousands of customers lock themselves out of their online accounts each day, simply by forgetting or mistyping their passwords. Those mistakes can monopolize up to 70 percent of a security expert’s time – not a junior employee’s time, but an experienced, senior-level staffer trained to spot legitimate threats. Enterprises have been clamoring for a solution to this industrywide challenge. Today, Exabeam announced a first-of-its-kind capability to automate this task through user and entity behavior analytics (UEBA).

Exabeam 2.0, which we’re demonstrating at Splunk.conf15 this week in Las Vegas, is the answer to a customer question we’ve heard time and again: How can we protect our company from the security threats that trigger account lockouts without sinking endless personnel hours into manual analysis? We answered that question in the Exabeam Lab, where we modeled lockout behavior and applied that logic and related rules to our latest solution release, which also records how many times a user has been locked out in the past so companies can add that information to the user’s behavior history.

Exabeam 2.0 includes several other new features prompted by security analyst requests, including:

  1. User watchlists that can be created to monitor employee and contractors who need special attention, for example, if they’ve had malware recently and need to be screened for re-infection.
  2. Security alert search capabilities to enter an alert from another security product and view a timeline of all users and activities connected to that alert (i.e., “Google for your FireEye system”).
  3. Auto-classification of executive devices to apply special data monitoring rules to the laptops, smartphones and other machines belonging to company executives.

Some companies see as many as 1 percent of their accounts experiencing lockouts every single day. With the release of Exabeam 2.0, what had been a full-time job for some security professionals – analyzing suspicious lockouts versus innocent ones – can now be completed as easily as reading a yes-or-no signal.   

Recent Information Security Articles

Five Steps to Effectively Identify Insider Threats

Read More

Detecting the New PetitPotam Attack With Exabeam

Read More

The Challenges of Today’s CISO: Navigating the Balance of Compliance and Security

Read More

Human Managed Selects Exabeam to Drive Faster Decision-making

Read More

Exabeam Successfully Completes the Annual System and Organization Controls SOC 2 Type II Audit

Read More



Recent Information Security Articles

SIEM Gartner: Get the 2021 Magic Quadrant Report

Read More

Five Steps to Effectively Identify Insider Threats

Read More

Detecting the New PetitPotam Attack With Exabeam

Read More

The Challenges of Today’s CISO: Navigating the Balance of Compliance and Security

Read More

Human Managed Selects Exabeam to Drive Faster Decision-making

Read More