Startup Niara aims to catch stealthy attacks

Startup Niara has come out of stealth to do battle in the growing field of security intelligence and analytics where it detects and correlates anomalous behaviors and assigns confidence scores that indicate whether they should be further investigated as threats.

Startup Niara has come out of stealth to do battle in the growing field of security intelligence and analytics where it detects and correlates anomalous behaviors and assigns confidence scores that indicate whether they should be further investigated as threats.

Niara Security Intelligence is a software platform that gathers data from TAP or SPAN ports on routers, logs, SIEMs, IDSes and other third-party products customers may already own.

Its Niara Analyzer crunches the data and correlates events that could represent attacks, assigns severity scores and issues alerts that can be drilled into by security analysts to reveal the underlying forensic elements from which the analyzer concluded threats.

The goal is to help customers find attacks that other security platforms firewalls, intrusion prevention systems, antivirus, etc. might miss by linking together events that on their own don't represent trouble but when strung together indicate multi-stage attacks unfolding, says Sriram Ramachandran, CEO of Niara. It also helps filter out some of the noise created by alerts being fired off from other platforms, he says.

The threats are aggregated in the context of entities, the term with which Niara describes users, devices and applications. Niara Security Intelligence profiles entities based on their historical behavior but also on their behavior in comparison to other entities in their peer group. So is a user in sales doing something different from everyone else in sales? Is a device attempting network connections that its peer devices do not? Nira calls its profiles of users, applications and devices Entity 360 Profiles.

What Niara does overlaps with elements of what other vendors do, including  Bit9+Carbon Black, Black Ensilo, Fireeye, Guidance, LightCyber, Outlier, Promisec, Resolution1 Security, and Tanium.

The company is backed by two rounds of venture funding totaling $29.4 million from Venrock, New Enterprise Associates (NEA) and Index Ventures.

It was founded in the summer of 2013 by Ramachandran and other veterans of traditional security companies seeking a way to catch complex attacks that these traditional technologies missed.

The name Niara means haystack in Spanish. He says it has no particular significance for the company other than it was a name and that the word was available as a URL. However, if it did refer to finding needles in haystacks, he says it would really be about threading the needles together after they were found.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityintel

More about SPAN

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place