Sydney - March 6, 2019—ManageEngine, the real-time IT management company, today announced that it has introduced user and entity behaviour analytics (UEBA) into its SIEM solution, Log360. With score-based risk assessment, threat corroboration, anomaly detection powered by machine learning, and other new capabilities, the Log360 UEBA add-on helps security professionals identify, qualify, and investigate internal threats and anomalies by extracting more information from logs for better context.
According to Verizon’s 2018 Data Breach Investigations Report, over a quarter of the 53,308 cyberattacks in 2017 involved insiders. Insider threats can be particularly difficult to detect with conventional threat detection systems, as it’s hard to spot the signs of someone using their legitimate access to data for nefarious purposes, and both vulnerabilities and exploits are unknown. UEBA delivers more robust and accurate threat detection by using machine learning to set a baseline of a user’s normal activity, and then flag any deviations from that baseline.
"In today’s IT security landscape, rigid alert rules and conventional threat detection systems no longer make the cut. The need of the hour is a system that can learn and adapt to continuous change," said Manikandan Thangaraj, director of program management at ManageEngine. "Log360 UEBA does just that and improves the accuracy of threat detection, helping SOC personnel qualify and investigate threats that actually merit investigation."
Highlights of Log360 UEBA
Log360 UEBA monitors user activity captured in logs to identify behavioural changes. User activities that would otherwise go unnoticed are flagged, reducing the time it takes to detect and respond to threats. The highlights of Log360 UEBA include:
- Anomaly detection: Spots deviant user and entity behaviour such as logons at unusual hours, excessive logon failures, and file deletions from a host that is not generally used by a particular user.
- Score-based risk assessment: Generates a risk score for each user and entity based on how dangerous their behaviour is, helping security admins determine which threats merit investigation.
- Threat corroboration: Identifies indicators of compromise and indicators of attack, exposing major threats including insider threats, account compromise, and data exfiltration.
Pricing and Availability
The Log360 UEBA add-on is available immediately at: https://goo.gl/25wyfH and is priced at US $495.
ManageEngine Log360 is a comprehensive SIEM solution that offers real-time log collection, analysis, monitoring, correlation, and archiving capabilities that help protect confidential data, thwart internal security threats, and combat external attacks. Log360 comes with more than 1,200 predefined reports and alert criteria to help enterprises meet their most pressing security, auditing, and compliance demands. For more information about Log360, visit: manageengine.com/log-management
ManageEngine is bringing IT together for IT teams that need to deliver real-time services and support. Worldwide, established and emerging enterprises—including more than 60 percent of the Fortune 500—rely on our real-time IT management tools (https://www.manageengine.com/products.html) to ensure tight business-IT alignment and optimal performance of their IT infrastructure, including networks, servers, applications, desktops, and more. ManageEngine is a division of Zoho Corporation with offices worldwide, including in the United States, India, Singapore, Japan, and China. For more information, please visit: buzz.manageengine.com; follow the company blog at: blogs.manageengine.com on Facebook at: www.facebook.com/ManageEngine and on Twitter: @ManageEngine
Increasing mandates around the security of personal data have made encryption for every business. Australian businesses are leading the world in the use of encryption to protect backups, payment-related data, and laptops – and yet they still have a long way to go before encryption is both ubiquitous and manageable.
If your last access-control update was even a few years ago, you’re probably more exposed to fraud and exploitation than you’d like to be.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem