15 Aug Fortscale 2.7 Released!
With so much happening at Fortscale, it seems like every single day marks some special event. But today, with the release of Fortscale 2.7, we are celebrating a particularly momentous day.
As I reflect on the last few years and how we got to this point with the product, I find the evolution that’s taken place in the security analytics space to be absolutely fascinating. Although it’s taken a lot of time and hard work, it’s very gratifying to now look back and realize that Fortscale is not only part of this great evolution, but in many areas we are blazing the way. Our innovation is being acknowledged in numerous ways. For example, Gartner just named us as a COOL VENDOR for 2016 in the User and Entity Behavior Analytics category.
Before discussing the 2.7 release, I want to acknowledge our key partners and customers and how they continually drive us to develop the latest in technologies and capabilities. For example, the last couple of months have been very exciting here at Fortscale. We have added new partners and channels, and have obtained significant new customers in the US and Europe. These and other key customers and partnerships continually drive us to innovate and develop new capabilities and use cases. We and our customers know that the UEBA space is just getting started, and we are thrilled to be contributing in such a significant way.
Customers of all sizes and in all verticals are realizing the need to combat insider threats, and their security requirements for accuracy and effectiveness have grown significantly. They continue to see the advantages of implementing UEBA solutions to enhance the effectiveness of their SOC and security analysts’ work, and Fortscale’s superiority in these areas is being understood and accepted more and more.
Initially, UEBA was a good way to leverage SIEM systems and Splunk – ingesting log data that was already collected and stored in log repositories, and enhancing the viewing angle of that data. Instead of getting lost in enormous piles of data with thousands of rules, the initial UEBA solutions provided a focus on users and entities and on catching their suspicious behavior – all while providing a friendlier user interface. A better SIEM experience, SIEM in disguise if you’d like. CISOs got clear value from this 1st generation UEBA, yet it was limited to the KNOWN threats and KNOWN use cases.
And from the roots of this traditional UEBA, came the new, 2nd generation of UEBA. This new generation may leverage log repositories like SIEM or Splunk, but it never copies their pre-defined rules. It may leverage the log parsing and consumption these traditional systems created, but it will never use heuristics and pre-defined thresholds in order to find the bad guys. The new generation may be deployed near the SIEM, but it will never require months of professional services and customizations. Instead, it uses 100% machine learning to find the real malicious behavior.
At Fortscale, we are very proud and excited to be the innovator of this 2nd generation of UEBA. From its inception, Fortscale uses zero rules. Instead, our analytics are 100% machine learning. We don’t assume or need to be told what constitutes good or bad policies, or what represents bad employee behavior. Our product learns it automatically. That makes life so much easier for our customers. It’s more extendible, and dramatically reduces the time to value. Customers can immediately provide Fortscale any log data (immediate as in “today”), and Fortscale will leverage it, without the need to write rules and heuristics to make it work. It’s not SIEM in disguise. It’s leveraging the newest technologies and analytics to catch the UNKNOWN behavior of users and entities in the enterprise.
We are excited to be leading the 2nd generation of UEBA; in fact, you could say that our team is fanatic about always having the leading technology. We are so fanatical about this that we’ve once again taken our machine learning to the next stage by providing conclusions and not just anomalies. As one of our senior engineers told me the other day – “If you are using machine learning, do it right”. It’s just not smart to merely pinpoint anomalies to the analyst. Sometimes they are not interesting and worth investigation, even if they are accurate. Today we no longer pop up anomalies to the analyst – we pop up conclusions. With our patented SMART Alerts we automatically create conclusions based on aggregations of anomalies around specific context. We are the only UEBA vendor to do that, and I have no doubt that this capability will become a standard in the industry. And did I mention “No Rules”?
Continually developing and enhancing this revolutionary technology and platform could not be possible without great partners and customers. From our long-time partners to brand new ones such as Fishtech and UST Global, we value and appreciate each one and their vote of confidence in our superior technology. Our customers range in size from small organizations with a SOC of only 2, to huge enterprises with over 200,000 users and very large SOC teams. The experience we gain from this diversity is critical as we develop the most powerful UEBA tools available.
And now, a bit about our newest release. Fortscale 2.7 sheds light on insider credentials compromised on the Dark Web and advanced attackers’ remote lateral movement—and we think that’s pretty exciting. Even Gartner has been discussing the need for a solution that addresses these problems and we’re delivering it. In addition to these use cases, Fortscale 2.7 features new supported data sources and a new user experience that makes it easier for security professionals to find and stop insider threats automatically. Read more about it here.
Thanks for being part of this journey, and watch for some additional innovative and important announcements to follow in the next weeks and months.