12 Oct Niara’s User Behavior Analytics Solution Certified to Interoperate with McAfee Enterprise Security Manager
Machine Learning-Based UBA Leverages McAfee Enterprise Security Manager (ESM) Data Aggregation While Delivering Advanced Attack Detection and Comprehensive Forensic Information to McAfee ESM Console
SUNNYVALE, CA – October 12, 2016 – Niara, a recognized leader in user and entity behavior analytics (UEBA), today announced that its solution has been certified to interoperate with McAfeeâ Enterprise Security Manager (ESM), a leading enterprise SIEM product. By virtue of seamless bi-direction integration, McAfee ESM provides Niara with a wide range of logs and alerts that are critical inputs to its 100+ supervised and unsupervised machine learning models while benefiting from API-level access to advanced attack detection and aggregated forensic data that Niara generates via its Spark/Hadoop-based big data platform.
Niara complements McAfee ESM with diverse data aggregation, machine learning-based alerts, asset classification and forensic support. Security analysts using the McAfee ESM console will now have the ability to develop risk scoring and behavioral profiles for users, servers, and IP addresses that enable them to spot high-priority attacks using coopted or compromised credentials before they do damage. Additional capabilities include:
- Precision Sensing: Niara uniquely collects user and server-specific data, traffic and events across packets, flows, logs and alerts.
- Behavior Profiling: With precision data collection, Niara’s supervised and unsupervised machine learning models build behavior baselines for single users and users in similar peer groups. Details such as time of access, geographic location, data produced and consumed and duration of access are included in continuously updated risk scores. When user behavior crosses predetermined thresholds of anomalous or malicious activity, the security team is alerted.
- Entity360™: Niara’s Entity360™ is the security dossier for key IT entities such as users and hosts. An Entity360 profile makes the crucial “who” connection between an alert’s IP address and the associated user’s risk score and related activity. Entity360 profiles contain current and historical risk scores and pre-fetched summaries of security-relevant activity, and with one click in the McAfee ESM console, security teams can access them to instantly triage and act on high priority alerts.
- Watch Lists: Given the sensitivity of certain types of assets and users such as sys admins or partners, the security team can establish watch lists that deliver entity-specific security status combined with customized actions to be taken in the event of a high priority alert.
- High Value Asset Focus: Niara’s UEBA business context further refines risk scores. If anomalous behaviors are seen in conjunction with a system that houses critical data, such as patient records, source code or credit cards, the risks scores are automatically recalibrated to reflect the increased threat.
- McAfee ESM Content: Niara alerts are fully parsed via McAfee ESM and can populate reports, dashboards, watch lists and utilized by correlation rules.
“We’re pleased to see Niara has completed McAfee compatibility testing for a use case that we know will benefit our customers,” said D.J. Long, Sr. Director, Intel Security Innovation Alliance. “The value of this integrated solution includes reduced operational costs, greater protection and improved compliance.”
For more information about the integrated solution, register for an Intel Security/Niara webinar entitled “How UBA and Machine Learning Can Turbocharge SIEM” scheduled for Wednesday October, 12 at 10:00 AM PDT.
Niara’s behavioral analytics platform automates the detection of attacks and risky behaviors inside an organization and dramatically reduces the time and skill needed to investigate and respond to security events. The solution applies machine learning algorithms to data from the network and security infrastructure to detect compromised users, entities, and negligent or malicious insiders, reduce the time for incident investigation and response, and speed threat hunting efforts by focusing security teams on the threats that matter. Headquartered in Sunnyvale, Calif., the company is backed by NEA, Index Ventures and Venrock. For more information, visit www.niara.com.
Note: McAfee is a registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.