29 Aug No Rules! UEBA as it Should be
When significant new technology appears in the marketplace, it’s always interesting to see how many vendors and products quickly jump on the band wagon to embrace it. The trouble is that with many of the vendors there is no real substance to their claims regarding the new technology. It’s often just talk; smoke and mirrors; and clever use of marketing buzz words but with limited actual new technology.
A case in point: take machine learning as it applies to UEBA. With most user / entity behavior analytics products the actual “machine learning” component is dependent on a set of rules and heuristics that must be established by system administrators. While such products may be capable of some level of machine learning, they are slow and difficult to implement, and require a lot of tuning and hand holding by professionals before they become effective. Moreover, their rules and thresholds require constant tuning and manual adjustments, which make the whole system fall short of the potentials of machine learning.
Fortscale is different. With no rules to set up, Fortscale installs quickly and starts getting smarter the second you turn it on. Fortscale models your users and systems autonomously **on-the-fly**, learning as it goes. Fortscale’s insider threat detection engine analyzes authentication and contextual data from a number of sources within your environment, and quickly models “normal” or baseline user and entity behavior. Using multivariate statistical analysis and machine learning, Fortscale identifies when deviations in behavior occur without the need to manually write a single rule.
Fortscale’s insider threat solution lowers analyst stress levels and makes your whole security operation work a whole lot better. UEBA as it should be – No Rules!