Category: Product

“One of the main goals of big data security analytics is to improve operations and accelerate incident detection/response,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. There is a need for solutions to easily discover changes in the system, trends and patterns, and other anomalous behavior that may expose signs of risks and threats.”

With EnCase Analytics, we are leveraging this expertise to empower organizations to derive useful insights from the noise that endpoint data produces,” said Victor Limongelli, chief executive officer, Guidance Software, Inc. “Unlike other endpoint security solutions, EnCase Analytics does not rely on signatures, heuristics or indicators, but instead leverages big data analytics to draw useful connections between seemingly unrelated activities in disparate data types.” EnCase Analytics leverages data from across all your endpoints from the kernel level instead of trusting a compromised operating system, resulting in a repository of the most reliable and useful data for insights into undetected risks and threats.

Link: http://www.it-analysis.com/technology/security/news_release.php?rel=38406

“Companies now understand that hidden in the terabytes of user-generated machine data are abnormal patterns of activity that represent the presence of malware or the behavior of malicious insiders,” Seward adds. “The new Splunk App for Enterprise Security enables statistical analysis of HTTP traffic to help security professionals determine a baseline for what’s normal, quickly detect outliers and use those events as starting points for security analysis and investigation.”

The new version of Splunk App for Enterprise Security automates monitoring and correlation of these outliers and anomalies in real time and presents the resulting analysis via dashboards and alerts.

“As long as you’re capturing proxy data, for example, all of that data will automatically go into the Splunk App for enterprise Security and all of those statistical outliers will be there and available to you.”

“Finding advanced threats is hard,” adds Jim Krev, Sr., security manager of Fieldglass, a provider of vendor management system (VMS) technology that two years ago replaced its legacy Security Information and Event Management (SIEM) tool with Splunk Enterprise and the Splunk App for Enterprise Security.

What Splunk has done with the Enterprise Security 2.4 release is make it easier to find and visualize unusual characteristics of data using statistics,” Krev says.

Link: http://www.csoonline.com/article/732635/splunk-adds-statistical-analysis-to-enterprise-security-app?source=rss_data_protection

Today, flash drives are just as convenient as when they were first released, but many also contain high levels of security, which has helped bring them back into government.

“People often carry sensitive personal files on their USB drives, and they often don’t realize that their drive can be infected when plugged into a computer, and then that infection can be transferred to other machines. Together with Kingston and ClevX, we can offer a solution which keeps the contents of USB flash drives safe and malware-free and prevents malware from spreading via removable media.”

Link: http://gcn.com/articles/2013/04/26/kingston-adds-malware-scanner-secure-drives.aspx

The new CyberReveal analytics and investigation product is designed to give internal IT security analysts a single view of existing cyber threats so they can protect intellectual property and sensitive commercial or customer banking data information from being stolen or compromised and to cut investigation times by up to 75%, claims BAE Systems Detica.

It gives internal anti-fraud bank analysts and other end users a single view of network activity across their whole IT estate, detecting attacks by their behaviour – not just by the signatures of previous attacks – so that distributed denial of service (DDOS) attacks can be prevented or customer data protected from identity threat attempts.

It is designed to help analysts protect their FS organisation faster, driving more value by integrating with existing infrastructure and security systems, with plug-in analytics packs also providing cost-effective protection to combat evolving threats and new threat vectors.

Commenting on the new launch, Martin Sutherland, managing director of BAE Systems Detica, said: “Commercial organisations are growing ever more concerned about securing their most valuable [data] assets – the larger the organisation, the greater the number of avenues for cyber attackers to exploit. CyberReveal addresses four key areas where traditional approaches are proving ineffective against the modern cyber threat – it helps analysts to prioritise the incidents they investigate, manage huge data volumes, evolve their defences, and enable quicker, more informed decision-making.”

Link: http://www.bobsguide.com/guide/news/2013/Apr/22/bae-systems-detica-unveils-cyberreveal-security-alert-service-for-private-firms.html

You retain full control of the keys and the cryptographic operations performed by the HSM(s) you create, including exclusive, single-tenant access to each one. Your cryptographic keys are protected by a tamper-resistant HSM that is designed to meet a number of international and US Government standards including NIST FIPS 140-2 and Common Criteria EAL4+.”

Users who sign up for the service will be provided with administrator credentials, allowing them to create user accounts, create and manage encryption keys, and perform other cryptographic-related tasks using their accounts.

It can be accessed via a number of standard APIs once provisioned, including Microsoft Cryptography API (CAPI), PCKS #11 (Cryptographic Token Interface Standard) and Java JCA/JCE (Java Cryptography Architecture / Java Cryptography Extensions).

Even so, it’s certainly not the cheapest solution around, with AWS demanding a cool $5,000 to provision a single CloudHSM, on top of the $1.88 hourly fee it charges (about $1,373 per month, on average).

Link: http://siliconangle.com/blog/2013/03/27/aws-launches-cloudhsm-app-to-bolster-data-security-in-the-cloud/