Blog

Ch 1 – SIEM 2.0: Why do you need security analytics?

Published on September 21, 2017

Authors: Securonix Labs. Current State of Data and Threats: Today, organizations face extraordinary challenges in keeping their information safe. With most of it stored and transferred in digital form, there is a pressing need to secure this data. Types of stored data include personal...

Data Science: A Comprehensive Look

Published on September 14, 2017

There is a lot of hype, confusion and misinformation regarding the use of machine learning, data science and AI for advanced threat detection. While it is true that many security vendors across the various security disciplines have incorporated elements of data science into their detection, a complete explanation, and...

Securing Patient Data Privacy Using User & Entity Behavior Analytics

Published on September 11, 2017

Healthcare organizations are aware of the extremely sensitive nature of patient data and, consequently, of the importance of securing it. Hackers, on the other hand, are also well aware of the value of this PHI, including its monetary value. As such, they employ increasingly nefarious techniques in order to gain illegitimate access...

Equifax – The Mother Of All Data Breaches

Published on September 8, 2017

The Equifax data breach that rocked the cyber security industry yesterday is not just another data breach, it's the mother of all data breaches. This is not because of its sheer size - the number of people affected is nearly the size of the entire US labor force. We have, unfortunately, seen...

Securonix Threat Research: Carbanak/FIN7/Anunak Reappears, Causes Losses

Published on September 5, 2017

By Oleg Kolesnikov, Securonix Threat Research Team. Introduction: In August 2017, we learned of new attacks by a persistent malicious cyber threat actor known as Carbanak, a.k.a. FIN7 [1]. The most recent attack variants have mainly been targeting chain restaurants, hospitality, and the casino industry in the US...

Adding Spark to Accelerate Security Management

Published on July 20, 2017

Written by David O'Hara, Security Engineer at Securonix. Many organizations today face a common challenge when handling potential threats within their environments: the time it takes to execute the various security management steps from detection to resolution. The security management process in most organizations involves at least 3...

Leverage Machine Learning For Cybersecurity

Published on July 20, 2017

We have firewalls, IPS, endpoint protection, DLP and SIEM, and we still continue to get breached. The average breach-to-detection time is over 220 days, far too long. We are already collecting the information needed to do better than that. Pick any of the breaches over the last few years and...

Seven Reasons To Replace Your Legacy SIEM with Security Analytics

Published on June 24, 2017

Like it or not, your SIEM deployment is actually preventing you from succeeding in your daily cyber security battle. Your adversaries are using techniques your SIEM can't detect, across device types that SIEMs weren't built to handle, and, most importantly, the greatest threat actor already has access to organizational IT...

Protecting the Data – The Final Battle? Can Behavior Analytics Technology be the Answer?

Published on June 15, 2017

Michael Lipinski, Securonix CISO, chief security strategist and Institute for Critical Infrastructure Technology (ICIT) fellow, contributed the following essay to ICIT's Anthology, "Next Generation Defenses for a Hyper Evolving Threat Landscape" highlighting next-gen defenses in the new and evolving threat landscape. Protecting the Data – The Final Battle? Can Behavior...

Intellectual Property Protection Using Securonix Security Analytics

Published on May 31, 2017

"Without Securonix we never would have found this!" Typical Big Data Security Analytics deployments of the Securonix solution are for use cases such as insider threat detection, data exfiltration, privileged account misuse and external cyber threats. The trusted insider accessing and downloading files that they’ve never accessed before or that...
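The teaser above names the classic UEBA insider case: a trusted user touching files they have never accessed before, or pulling far more data than usual. As an added illustration that is not Securonix code and does not reflect how their product scores behavior, here is a minimal baseline-then-detect routine over constructed file-access log lines. The log format (timestamp,user,path,bytes), the baseline cutoff date and the 10x volume factor are all assumptions made for the example.

```python
"""Toy UEBA check: flag users who access files absent from their baseline
window, or whose daily download volume exceeds a multiple of their baseline.
Added example; the log format and thresholds are assumptions, not Securonix's."""
from collections import defaultdict
from datetime import datetime

# Constructed sample file-access log lines: timestamp,user,path,bytes
SAMPLE_LOG = """\
2017-05-01T09:12:00,alice,/share/finance/q1.xlsx,120000
2017-05-02T10:03:00,alice,/share/finance/q1.xlsx,120000
2017-05-03T11:20:00,alice,/share/finance/budget.xlsx,80000
2017-05-01T09:30:00,bob,/share/eng/design.pdf,400000
2017-05-02T09:31:00,bob,/share/eng/design.pdf,400000
2017-05-03T09:32:00,bob,/share/eng/specs.docx,50000
2017-05-20T22:15:00,alice,/share/finance/q1.xlsx,120000
2017-05-21T23:40:00,bob,/share/eng/design.pdf,400000
2017-05-21T23:41:00,bob,/share/eng/source-archive.zip,90000000
2017-05-21T23:45:00,bob,/share/hr/salaries.xlsx,30000
"""

# Assumed split between the learning window and the detection window.
BASELINE_CUTOFF = datetime(2017, 5, 10)


def parse_log(text):
    """Parse CSV-style lines into (timestamp, user, path, bytes) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, path, size = line.split(",")
        events.append((datetime.fromisoformat(ts), user, path, int(size)))
    return events


def build_baseline(events, cutoff):
    """Per user: the set of files seen before cutoff and the average bytes
    transferred per active day in that window."""
    files = defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))
    for ts, user, path, size in events:
        if ts < cutoff:
            files[user].add(path)
            daily[user][ts.date()] += size
    avg_daily = {u: sum(d.values()) / len(d) for u, d in daily.items()}
    return files, avg_daily


def detect(events, cutoff, volume_factor=10.0):
    """Return alerts for post-cutoff events: first-time file access and
    days whose total volume exceeds volume_factor times the user's baseline."""
    files, avg_daily = build_baseline(events, cutoff)
    alerts = []
    new_daily = defaultdict(lambda: defaultdict(int))
    for ts, user, path, size in events:
        if ts < cutoff:
            continue
        # A user with no baseline at all gets every access flagged.
        if path not in files.get(user, set()):
            alerts.append(("new_file", user, path))
        new_daily[user][ts.date()] += size
    for user, days in new_daily.items():
        base = avg_daily.get(user)
        for day, total in days.items():
            if base and total > volume_factor * base:
                alerts.append(("volume_spike", user, str(day)))
    return alerts


def run_example():
    """Run the detector over the constructed log with the assumed cutoff."""
    return detect(parse_log(SAMPLE_LOG), BASELINE_CUTOFF)


if __name__ == "__main__":
    for alert in run_example():
        print(alert)
```

Alice's late-night access to a file she already uses raises nothing; Bob's two never-before-seen files and his 90 MB day (hundreds of times his baseline) each produce an alert. Real deployments would baseline over peers and time of day as well, but the two signals shown are the core of the use case.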