The firm “strongly recommends evaluating CyberArk Privileged Threat Analytics both in the context of existing CyberArk deployments and in the context of security operations centre infrastructures".
In the report, KuppingerCole recognises that privileged accounts are the primary target for attackers, and that traditional perimeter security systems such as firewalls are no longer effective against targeted attacks. “Having a specialised offering for behavioural analytics that returns targeted data on privileged account usage provides visibility that other analytics approaches do not,” said Martin Kuppinger, Founder and Principal Analyst, KuppingerCole.
In the report, KuppingerCole recognises that privileged accounts are the primary target for attackers, and that traditional perimeter security systems such as firewalls are no longer effective against targeted attacks. “Having a specialised offering for behavioural analytics that returns targeted data on privileged account usage provides visibility that other analytics approaches do not,” said Martin Kuppinger, Founder and Principal Analyst, KuppingerCole.
“CyberArk Privileged Threat Analytics is a well thought-out solution focused on solving a major deficiency among most security strategies: understanding anomalies in the use of privileged accounts and thus increasing the ability to quickly identify and respond to attacks.”
“Attackers steal and exploit privileged and administrative credentials and are able to navigate the IT network anonymously as insiders, often for months. Once an attacker gains this foothold, they conduct reconnaissance on network architecture, elevate privileges for further access and gain a better understanding of the security systems they need to avoid,” said John Worrall, Chief Marketing Officer, CyberArk.
“Attackers steal and exploit privileged and administrative credentials and are able to navigate the IT network anonymously as insiders, often for months. Once an attacker gains this foothold, they conduct reconnaissance on network architecture, elevate privileges for further access and gain a better understanding of the security systems they need to avoid,” said John Worrall, Chief Marketing Officer, CyberArk.
“This level of insider access is critical for attackers to pinpoint targets inside the network and reach their operational goals without detection. Identifying this type of malicious privileged behaviour is what has been missing from general security analytics tools.”
CyberArk Privileged Threat Analytics provides out-of-the-box integration of data feeds from security information and event management (SIEM) systems such as HP ArcSight ESM and Splunk Enterprise. This enables customers to prioritise threats that involve privileged account usage amongst the wealth of data their SIEM collects. For example, if an attacker tries to access a server, firewall or other endpoint directly without going through the policy-mandated workflow, CyberArk Privileged Threat Analytics can identify and alert on this.
Download a free copy of the report here.
CyberArk Privileged Threat Analytics provides out-of-the-box integration of data feeds from security information and event management (SIEM) systems such as HP ArcSight ESM and Splunk Enterprise. This enables customers to prioritise threats that involve privileged account usage amongst the wealth of data their SIEM collects. For example, if an attacker tries to access a server, firewall or other endpoint directly without going through the policy-mandated workflow, CyberArk Privileged Threat Analytics can identify and alert on this.
Download a free copy of the report here.
No comments:
Post a Comment