Don’t get Mad get BAD!

January 11th, 2016 by Jason Matlof

Increased Behavioral Attack Detection (BAD) Efficiency in New v3.1 Release Makes Hunting Bad Guys Even More Effective

Security industry researchers acknowledge not only the obvious rise in data breaches at organizations large and small, but, much more importantly, the complete paralysis that security organizations experience in trying to protect themselves from becoming the next victim.

Consider the recently published shocking research data from Ponemon Institute, which includes data collected from 630 IT Security organizations:

  • 16,937: The average number of alerts received per week
  • 4%: The number of alerts actually investigated (705)
  • 2/3: The amount of security analysts’ time wasted on the 96% of irrelevant alerts
  • $1.27M: The dollar amount of time wasted on those alerts per year

How can security analysts succeed in a world where conventional vendor tools provide such operational inefficiency? It’s an impossible task for security analysts. Fortunately, LightCyber continues to innovate to eliminate the tremendous overhead and inefficiencies associated with attack detection. Using behavioral profiling and machine learning as an alternative to known-bad, artifact-based detection techniques, Magna dramatically increases the efficiency of operations by alerting only upon the identification of actual anomalous attack behaviors, rather than isolated artifacts or thresholds that drive the aforementioned false positive alert rates.

And, today, Magna gets even better! Today, LightCyber announces the v3.1 release of the Magna Behavioral Attack Detection (BAD) platform with even greater attack detection capabilities that dramatically increase the effectiveness of security operators striving to prevent breaches of their organizations. Specifically, Magna now formally supports User-entity behavioral profiling in addition to the existing Network- and Endpoint-entity profiling, thus providing the industry’s first integrated Network + Endpoint + User Behavioral Attack Detection platform. Magna v3.1 is further strengthened by the release of N2PA™, which provides Network To Process Association to give the security analyst completely automated, comprehensive investigative data about the observed attack behavior: from the anomalous network behavior; to the endpoint source of that traffic; to the specific host process that sourced that traffic; to the associated user for that process and host; to the target destinations, domains, and services; and to many other related investigative data. With all of this investigative data in a single screen, the analyst can finally focus their precious time and resources on remediation and response to reduce attack dwell time, and eliminate potential damage to the organization.

As Marshal Wolfe, Senior Director of IT at Gigamon said, “Magna is enormously useful in focusing our security operations activities through automated summary information about anomalous network activities, the associated user accounts, and the endpoint processes involved.”

If you think hunting down active attackers by triaging the proverbial tea leaves embedded in tens of thousands of alerts per week is a relic of the past…we agree! Check out the new Magna v3.1 Behavioral Attack Detection platform.

Get BAD with Attackers!