Exabeam Responds to Insider Data Exfiltration Incidents with Code42 Integration
Joint Exabeam – Code42 solution integrates detection, automated investigations and incident response capabilities to reduce risks caused by compromised, negligent or malicious insiders.
In another update on Threat Detection and Response, Cisco and Gigamon also announced their platform integration for Cloud-driven organizations.
With the modular Exabeam Security Management Platform, analysts can use behavioral analytics to detect attacks, automate investigation and incident response, and reduce storage costs. Exabeam Smart Timelines, sequences of user and device behavior created using machine learning, further reduce the time and specialization required to detect attacker tactics, techniques and procedures.
Code42 is a leader in insider risk detection and response
The strategic partnership will help security and insider threat teams quickly detect, investigate and respond to data exfiltration, and reduce risks caused by compromised, negligent or malicious insiders. Customers using the joint solution will benefit from having a full picture of their environment, even in distributed workforce conditions, with the automated incident response to obstruct insider threats before data loss occurs.
How Badly Insider Threats Affect Security Postures
Insider threats are now among the most serious security risks and are becoming increasingly difficult to manage using conventional security technologies.
Work From Home, IT Virtualization and Cloud Adoption Resulting in Data Exfiltration Cases
The huge shift to remote working in 2020 has increased the use of personal devices, and at the same time, reduced the effectiveness of existing enterprise security solutions. When devices aren’t accessing assets directly through the corporate network or a VPN and instead going straight to the cloud, on-premise network data loss prevention (DLP) techniques and network firewalls have blind spots. Remote workers have also become the targets of social engineering attacks as cybercriminals attempt to exploit them to access corporate networks.
At the time of the announcement,
“The unprecedented growth in distributed work presents novel and complex insider threats — even when compared to just months ago,” commented Grant McCormick, CIO, Exabeam.
Grant added, “As a result, organizations should attach greater urgency to monitoring risky activities that may impact the security of their vital data. Failure to do so creates a potentially catastrophic blind spot in the protection and integrity of enterprise infrastructure.”
How Exabeam – Code42 Integration Benefit Organizations
The partnership enhances security across a variety of exfiltration vectors — across endpoint to cloud, through a technology integration, which uses the Exabeam Cloud Connector solution to ingest data that indicates risk from the Code42 IncydrTM product into Exabeam Data Lake and Exabeam Advanced Analytics.
Organizations using the Exabeam and Code42 integration will gain the ability to establish or more easily build insider threat programs and processes. These organizations’ security operations center (SOC) and insider threat teams can:
- Provide real-time analysis and reporting on security alerts and data exfiltration attempts across their environment;
- Accelerate investigations related to insider threats with detailed incident context across exfiltration vectors, file types, and user attributes and behavior;
- Resolve insider risk incidents faster through a combined solution that delivers high-fidelity alerts and actionable insights, along with the ability to correlate alert information and triage incidents.
Ananth Appathurai, strategic partnerships and ecosystem SVP at Code42, said, “Together, we can offer organizations the ability to protect their systems and data from the malicious and accidental consequences of insider threats. This is vital as the recent changes in workplace culture evolve into permanent distributed strategies that legacy data protection solutions aren’t designed to address.”
Insider Risk Summit 2020
To further support their cooperation, Exabeam is joining Code42 as a founding partner of the inaugural Insider Risk Summit, where the security community will connect to address the growing data risks from insider threats.
Presented as a virtual event on Sept. 17, 2020, it is the premier gathering for security leaders and professionals to gain knowledge, share insights and advance strategies on detecting and responding to one of the biggest security challenges: the growing risk to IP and data presented by cloud-based collaboration and decentralized work.
Chris Stewart, senior director, business development & global alliances at Exabeam says –
“This technology collaboration between Exabeam and Code42 will allow employees to use the tools they need to work in distributed environments, while giving security teams visibility into how files are moving across endpoints and cloud applications.”
Chris added, “It’s an important collaborative step, and by joining forces for events such as the Insider Risk Summit, we aim to maximize awareness of the risks of data loss from insider threats.”
What is Code42?
Code42 is the leader in insider threat detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity.
With Code42, security professionals can protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.
On the other hand, Exabeam is helping InfoSec Ops (Security operations and insider threat) teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51 percent less time. Security organizations no longer have to live with missed distributed attacks and unknown threats, manual investigations and remediation, or excessive storage fees.
(To share your InfoSec and Cloud Security insights, please write to us at News@martechseries.com / firstname.lastname@example.org)