Separate True Security Risk from Everyday Account Lockouts - Exabeam

Separate True Security Risk from Everyday Account Lockouts

Published
September 21, 2015

Author

Reading time
2 mins

It’s one of the most persistent, costly annoyances IT security teams face. Hundreds or even thousands of customers lock themselves out of their online accounts each day, simply by forgetting or mistyping their passwords. Those mistakes can monopolize up to 70 percent of a security expert’s time – not a junior employee’s time, but an experienced, senior-level staffer trained to spot legitimate threats. Enterprises have been clamoring for a solution to this industrywide challenge. Today, Exabeam announced a first-of-its-kind capability to automate this task through user and entity behavior analytics (UEBA).

Exabeam 2.0, which we’re demonstrating at Splunk.conf15 this week in Las Vegas, is the answer to a customer question we’ve heard time and again: How can we protect our company from the security threats that trigger account lockouts without sinking endless personnel hours into manual analysis? We answered that question in the Exabeam Lab, where we modeled lockout behavior and applied that logic and related rules to our latest solution release, which also records how many times a user has been locked out in the past so companies can add that information to the user’s behavior history.

Exabeam 2.0 includes several other new features prompted by security analyst requests, including:

  1. User watchlists that can be created to monitor employee and contractors who need special attention, for example, if they’ve had malware recently and need to be screened for re-infection.
  2. Security alert search capabilities to enter an alert from another security product and view a timeline of all users and activities connected to that alert (i.e., “Google for your FireEye system”).
  3. Auto-classification of executive devices to apply special data monitoring rules to the laptops, smartphones and other machines belonging to company executives.

Some companies see as many as 1 percent of their accounts experiencing lockouts every single day. With the release of Exabeam 2.0, what had been a full-time job for some security professionals – analyzing suspicious lockouts versus innocent ones – can now be completed as easily as reading a yes-or-no signal.

Tags:

Similar Posts

What’s New in Exabeam Product Development – November 2022

Exabeam News Wrap-up – December 1, 2022

Exabeam Achieves ISO 27017 and ISO 27018 Certifications




Recent Posts

Fourth-gen SIEM is New-Scale SIEM: Cloud-native SIEM at Hyperscale

The New CISO Podcast: Solving Security Puzzles

Understanding UEBA: From Scored Events to Stories

See a world-class SIEM solution in action

Most reported breaches involved lost or stolen credentials. How can you keep pace?

Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.

Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.

Get a demo today!