Home SMART 100 2016 Security breach detection using behavioural analytics

Security breach detection using behavioural analytics [SMART 100, 2016]

0

This SMART 100 profile and the information it contains is a duplication of content submitted by the applicant during the entry process. As a function of entry, applicants were required to declare that all details are factually correct, do not infringe on another’s intellectual property and are not unlawful, threatening, defamatory, invasive of privacy, obscene, or otherwise objectionable. Some profiles have been edited for reasons of space and clarity.

Learn more about the SMART 100 >>

1. THE BEGINNING

This innovation initially came to life when…

it was noticed that large enterprises were being hacked despite big investments in very capable technology. It was apparent that the most successful hackers were gaining access using valid credentials – these were stolen, guessed, or harvested through phishing emails or malware.

With a long background in enterprise security consulting and incident response, Jeff identified that hackers would not behave the same as the real user, even though the hacker was pretending to be that person. ResponSight was created as a way to detect when real users suddenly start behaving like a completely different person.

2. WHAT & HOW

The purpose of this innovation is to…

identify security breaches using behavioural analytics. Using risk profiling techniques and not relying on legacy methods of breach identification allows ResponSight to more accurately detect anomalies and prioritise rapid and targeted response.

t does this by…

building activity profiles of “normal” behaviour and continually compares that profile against current activity. The profiles are dynamic and evolve with the user over time, and are built without needing to collect any private or sensitive data of any kind.

3. PURPOSE & BENEFITS

This innovation improves on what came before because…

legacy security technologies have a long heritage in the use of static “signatures” that look at just activity on the PC or network. ResponSight is a purpose-built reinvention that directly links the user with the activity, to improve accuracy and reduce security alert “noise” common in traditional technologies

Its various benefits to the customer/end-user include…

detection of potential breaches usually using guessed or stolen credentials, that are unlikely to be detected by traditional technologies. Also allowing enterprises to prioritise and focus incident response efforts with reduced detection times.

4. COMPETITIVE LANDSCAPE

In the past, this problem was solved by…

manual updating of signatures or detection rules, or through the use of a external managed service. In many cases, the problem has not been solved, with organisations choosing to go without rather than incur the expense and workload associated with traditional technologies

Its predecessors/competitors include…

traditional anti-virus and anti-malware solutions, along with signature-based security incident and event monitoring solutions.

5. TARGET MARKET

It is made for…

large enterprises who have already invested in capable security technologies but are aware there is a serious gap in their coverage – the ability to detect breaches that occur when attackers use guessed/stolen credentials and pretend to be an authorised, real user. ResponSight improves their risk coverage, shortens detection times, and integrates with existing technologies without requiring significant investment or resource commitment.

It is available for sale through…

ResponSight directly, and through channel distribution and value added resellers later in 2016

Our marketing strategy is to…

work directly with pilot enterprises while we expand and refine our capability. Security technologies require vendor trust, and testimonial clients will assist with the direct to market strategy along with channel and reseller partnerships.

FINE PRINT: This SMART 100 profile and the information it contains is a duplication of content submitted by the applicant during the entry process. As a function of entry, applicants were required to declare that all details are factually correct, do not infringe on another’s intellectual property and are not unlawful, threatening, defamatory, invasive of privacy, obscene, or otherwise objectionable. Some profiles have been edited for reasons of space and clarity.

Get unlimited access to our FREE business tools…

Need to raise capital? Want to become a more persuasive presenter? Want to master social media? Is it time to overhaul your website? Unlock the library to get free access to free cheat sheets and business tools. Click here for free business tools.