LOS ANGELES, CA and SAN FRANCISCO, CA–(Marketwired – Feb 25, 2014) – Securonix today announced release 4.6 of its Data Exfiltration Intelligence application. The release introduces the industry’s first true data exfiltration detection and prevention solution with a “user-centric” threat detection model made up of identity, access, and activity risk factors that are continuously monitored for abnormal or high-risk changes and correlated with any data leak prevention (DLP) events. Data Exfiltration Intelligence, when combined with existing event-centric DLP solutions, enables the automated identification and risk ranking of possible threats within a stream of DLP events.
“This is a game-changing capability for traditional event focused DLP, insider threat and data exfiltration programs that lack the full context to detect data exfiltration situations and are being overwhelmed with too many events,” said Sachin Nayyar, CEO, Securonix.
The Securonix solution mines DLP events, proxy logs, printer logs and performs automated analytics on them including identity correlation, recipient analysis, sentiment analysis, behavior analysis, peer group analysis and other techniques to identify data exfiltration threats tied to specific or multiple event. The application automatically monitors for users that show flight risk behavior, high privileged access, and any sensitive data access. Each DLP event is dynamically risk ranked as Securonix continuously updates the user-centric threat model based on new user activity or changes in their identity and access risk profiles.
Identified threats can be rapidly investigated through link analysis in the Investigation Workbench feature that brings the full context of identity, activity, access, and the DLP violations together. The risk-ranked DLP events, user watch lists (e.g. users showing flight risk activity), user identity information, and other threat alerts can be pushed back into the source DLP product for focused monitoring and better context-based analysis.
“Our customers are identifying exfiltration threats they never would have caught before not to mention reducing the number of DLP events they need to look at by over 95 percent,” said Tanuj Gulati, CTO at Securonix.
The solution works out of the box with Symantec’s Vontu, McAfee DLP, and Verdasys’s Digital Guardian DLP products and can be deployed and identifying true data exfiltration situations within days.
“This capability also allows organizations start detecting the theft of sensitive unstructured intellectual property data beyond the structured credit card and PHI data,” said Nayyar.
The solution will be showcased at the RSA Conference, taking place in San Francisco Feb. 24-27 at the Securonix Booth #2038. More information on the solution can be found at https://securonix.com/secureproduct/dataexfiltration/