BluVector IRIS Applies Behavioral Analytics to Pinpoint Anomalies
RSA CONFERENCE USA – SAN FRANCISCO– April 18, 2018 – Hunting sophisticated threats is a daunting task requiring a dizzying array of data, tools, and talent. Companies of all sizes need a simpler, more efficient approach to sensing and responding to those threats originating inside or outside the network.
To address this need, BluVector and SS8 Networks today announced a partnership that delivers a new solution called BluVector® IRIS™, the only suite on the market that offers this visibility across the entire kill chain. Organizations can now quickly identify and replay anomalous network behaviors that represent movement by infected hosts or malicious insiders seeking to exfiltrate proprietary data.
An add-on to BluVector®Cortex™, BluVector IRIS provides an unprecedented ability to construct a 360 degree view of the entire cyber threat kill chain, enabling organizations to detect, analyze and contain any threats originating from outside or inside the network. The combined platform examines more than 4,000 network protocols for potential malicious events and performs machine learning, network-based forensic detection, speculative code execution, and behavioral analysis on all communications.
“BluVector’s AI-driven network security platform helps companies sense and respond to sophisticated threats at the point of delivery. BluVector IRIS, powered by SS8, extends that approach with post-breach detection, adding deep context into network activity so that threats can be exposed with very little manual analysis,” said Dennis Haar, CEO, SS8 Networks. “This partnership enables customers to reduce the time from breach until discovery through constant vigilance of all network activity, and with real-time and historical forensic analysis, highlights the time, device and individual breached.”
“Attempting to keep up with the possible tactics and techniques of bad actors is getting more difficult,” said Kris Lovejoy, CEO, BluVector. “Companies need a portfolio of tools to see into their networks, identify anomalous activity and ultimately protect their critical assets. By partnering with SS8, we are helping customers create a better way to detect, analyze and contain sophisticated threats across the entire kill chain.”
Primary uses for BluVector IRIS include:
Network Visibility: Lightweight software sensors are deployed deep within the network to monitor and record east/west network communication. High-definition records of each transaction offers a comprehensive view of an event. Events can be traced back to exact systems and users.
Behavioral Analysis: Performing behavioral analysis on each network-related communication, BluVector IRIS quickly detect anomalous network behaviors pre- and post-breach, including unusual internal file transfers, suspicious or illegitimate connections, use of non-standard ports, as well as unauthorized credential usage.
Learning Analytics: BluVector IRIS combines external threat intelligence with details about users, systems and network traffic patterns to continually retrain the detection engines. This intelligence led machine learning optimizes the system as it operates.
Prioritized Discovery: Using advanced analysis engines, BluVector IRIS provides a threat score for each threat discovered to help prioritize actions to protect the most critical resources.