It’s one of the most persistent, costly annoyances IT security teams face. Hundreds or even thousands of customers lock themselves out of their online accounts each day, simply by forgetting or mistyping their passwords. Those mistakes can monopolize up to 70 percent of a security expert’s time – not a junior employee’s time, but an experienced, senior-level staffer trained to spot legitimate threats. Enterprises have been clamoring for a solution to this industrywide challenge. Today, Exabeam announced a first-of-its-kind capability to automate this task through user and entity behavior analytics (UEBA).
Exabeam 2.0, which we’re demonstrating at Splunk.conf15 this week in Las Vegas, is the answer to a customer question we’ve heard time and again: How can we protect our company from the security threats that trigger account lockouts without sinking endless personnel hours into manual analysis? We answered that question in the Exabeam Lab, where we modeled lockout behavior and applied that logic and related rules to our latest solution release, which also records how many times a user has been locked out in the past so companies can add that information to the user’s behavior history.
Exabeam 2.0 includes several other new features prompted by security analyst requests, including:
- User watchlists that can be created to monitor employee and contractors who need special attention, for example, if they’ve had malware recently and need to be screened for re-infection.
- Security alert search capabilities to enter an alert from another security product and view a timeline of all users and activities connected to that alert (i.e., “Google for your FireEye system”).
- Auto-classification of executive devices to apply special data monitoring rules to the laptops, smartphones and other machines belonging to company executives.
Some companies see as many as 1 percent of their accounts experiencing lockouts every single day. With the release of Exabeam 2.0, what had been a full-time job for some security professionals – analyzing suspicious lockouts versus innocent ones – can now be completed as easily as reading a yes-or-no signal.
Similar Posts
Recent Posts
Stay Informed
Subscribe today and we'll send our latest blog posts right to your inbox, so you can stay ahead of the cybercriminals and defend your organization.
See a world-class SIEM solution in action
Most reported breaches involved lost or stolen credentials. How can you keep pace?
Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.
Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.
Get a demo today!