New Delhi, India, November 25, 2014: CyberArk, the company that protects organisations from cyber attacks that have made their way inside the network perimeter, continues to gain industry recognition for delivering privileged account security intelligence that can help customers reduce the window of opportunity for attackers, according to a new report from leading analyst firm KuppingerCole. The firm “strongly recommends evaluating CyberArk Privileged Threat Analytics both in the context of existing CyberArk deployments and in the context of security operations centre infrastructures.” To download a free copy of the report examining the recently released CyberArk Privileged Threat Analytics 2.0, please visit: http://www.cyberark.com/resource/kuppingercole-cyberark-privileged-threat-analytics
In the report, KuppingerCole recognises that privileged accounts are the primary target for attackers, and that traditional perimeter security systems such as firewalls are no longer effective against targeted attacks. CyberArk Privileged Threat Analytics specialises in detecting and analysing potentially malicious use of privileged accounts across systems and users, requiring fewer skills to operate than a traditional security information and event management (SIEM) solution. Real-time analytics on targeted data is a departure from the ‘boil the ocean’ approach of general security analytics tools and enables companies to quickly identify in-progress attacks and respond appropriately.
“Having a specialised offering for behavioural analytics that returns targeted data on privileged account usage provides visibility that other analytics approaches do not,” said Martin Kuppinger, founder and principle analyst, KuppingerCole. “CyberArk Privileged Threat Analytics is a well thought-out solution focused on solving a major deficiency among most security strategies: understanding anomalies in the use of privileged accounts and thus increasing the ability to quickly identify and respond to attacks.”
“Attackers steal and exploit privileged and administrative credentials and are able to navigate the IT network anonymously as insiders, often for months. Once an attacker gains this foothold, they conduct reconnaissance on network architecture, elevate privileges for further access and gain a better understanding of the security systems they need to avoid,” said John Worrall, chief marketing officer, CyberArk. “This level of insider access is critical for attackers to pinpoint targets inside the network and reach their operational goals without detection. Identifying this type of malicious privileged behaviour is what has been missing from general security analytics tools.”
CyberArk Privileged Threat Analytics provides out-of-the-box integration of data feeds from leading SIEM systems such as HP ArcSight ESM and Splunk Enterprise. This enables customers to prioritise threats that involve privileged account usage amongst the wealth of data their SIEM collects. For example, if an attacker tries to access a server, firewall or other endpoint directly without going through the policy-mandated workflow, CyberArk Privileged Threat Analytics can identify and alert on this.
The report highlights ease-of-use, noting that CyberArk Privileged Threat Analytics “provides a simple, intuitive user interface and well thought-out dashboards.” KuppingerCole adds that CyberArk Privileged Threat Analytics could serve as an entry into a more advanced privileged account security solution by focusing first on the analysis of account behaviour.