Information Security

Next-gen SIEM & UEBA

Powered by Machine Learning That Detects Any Threat, Anytime, Anywhere.

Modern threats are complex, often executed with compromised credentials or with the help of insiders with legitimate credentials, and carried out over long periods of time. Predicting, detecting and containing these threats is near-impossible using traditional signature-based solutions that were not developed to protect organizations from advanced or insider attacks. Securonix UEBA 6.0 is purpose-built to rapidly detect any threat, anywhere, leveraging machine learning and behavior analytics that analyze and cross-correlate all interactions between users, systems, and data to detect insider threats, cyber threats, fraud, cloud data compromise and noncompliance. Light, nimble and quick to deploy, version 6.0 of Securonix UEBA is faster and smarter with a new, ultra-modern user experience based on design concepts that provide intuitive visualizations of enterprise risk and one-click actions for threat management and risk mitigation. Packed with enhanced analytical and machine learning capabilities, 6.0 comes with more than 350 out-of-the-box connectors and over one thousand one-click deploy threat models that immediately deliver tangible value.

How does it work?

  • Super Enrichment – Events that can look harmless in isolation often map into high-risk threats when analyzed in context over time. UEBA 6.0 correlates and analyzes events from multiple sources such as user, device, asset, application, and network segment to predict, detect and contain slow-and-low attacks that are invisible to legacy solutions.

  • Real-time Behavior Analytics – Patented unsupervised and supervised machine learning and statistical algorithms profile normal activity and detect anomalies. Some of the key signature-less techniques include mix-max clustering, peer analysis, event rarity analysis, predictive learning, fuzzy correlation, robotic pattern detection, DGA detection and sequential learning.

  • Investigation and Response – Full incident management capabilities for investigating and responding to threats, including link analysis with drag-and-drop graphical representation for ad-hoc investigations, reviews and analysis. Case management capabilities with out-of-the-box, dynamic workflows based on industry best practices are also built into the platform. Case management workflows are fully customizable based on client need.