UEBA for Cloud Apps - PowerPoint PPT Presentation

About This Presentation
Title:

UEBA for Cloud Apps

Description:

UEBA successfully detects malicious and abusive activity that otherwise goes unnoticed, and effectively consolidates and prioritizes security alerts sent from other systems. Organizations need to develop or acquire statistical analysis and machine learning capabilities to incorporate into their security monitoring platforms or services. – PowerPoint PPT presentation

Number of Views:22

less

Transcript and Presenter's Notes

Title: UEBA for Cloud Apps


1
LTS SECURE UEBA FOR CLOUD APPS
2
CONTENT
  • LTS Secure UEBA for Cloud Apps
  • Advantages of UEBA
  • Use Cases
  • Top suspicious email IPs
  • Top Suspicious Users
  • Activities bifurcation by role
  • Visibility

3
LTS SECURE UEBA FOR CLOUD APPS
  • UEBA (User Entity Behavior Analytics) is the
    most promising solution to fight against cyber
    threats and fraud as it allows us to get ahead of
    the attackers by detecting risks and restrict
    them.
  • UEBA successfully detects malicious and abusive
    activity that otherwise goes unnoticed, and
    effectively consolidates and prioritizes security
    alerts sent from other systems. Organizations
    need to develop or acquire statistical analysis
    and machine learning capabilities to incorporate
    into their security monitoring platforms or
    services. Rule-based detection technology alone
    is unable to keep pace with the increasingly
    complex demands of threat and breach detection.
  • PAE uses UEBA to provide insights on cyber
    security and analytics. Our solution analyses
    volumes of data to establish a baseline of normal
    user and system behavior, and flag suspicious
    behavior anomalies. The result is a sophisticated
    artificial intelligence platform that detects
    insider and cyber threats in real time.

4
ADVANTAGES OF UEBA
  • Provides behaviour based analytics for detecting
    insider and targeted cyber attacks.
  • User centric monitoring across hosts, network and
    applications
  • Privileged account monitoring and misuse
    detection
  • Provides huge reduction in security events
    warranting investigations

5
USE CASES
  • Top suspicious email IPs - Knowledge of the top
    IPs from where the suspicious emails are routed
    is crucial to the organization. This report will
    provide list of IP address from where suspicious
    email have come. These IPs can be blocked so no
    further users will be subject to these mails.

6
  • Top Suspicious Users - This would show the top
    suspicious user accounts from where suspicious
    mail activities is happening. Organization can
    have better watch on such mail accounts and can
    be blocked, so no such activities will happen in
    future from those accounts. The report can show
    all such events and will give detailed insight on
    such events and we can alter the rules to enhance
    the security.

7
  • Activities bifurcation by role - All the
    activities can be divided by the role of the user
    doing it. This will give much needed insight to
    the security analyzer for the activities
    performed by the user and they can see what all
    activities are done by Privileged users,
    contracted users and non privileged users. Will
    be able to find out occurrences where users are
    not authorized for any activity and if they are
    doing so, can be traces here and system can be
    enhance to restrict such occurrence in future.

8
VISIBILITY
  • The system provides trend of events happening
    over a period of time which would help the system
    analyst to understand the behavior of such events
    and can predict the trends of such occurrence.
    This would prove very helpful in finding or
    investigating critical system issues.

9
About LTS SECURE
  • LTS Secure offers a Security Suite to
    rationalize, prioritize automate response to
    risks in your environment. Comprehensive Cyber
    Security Solutions with continuous monitoring at
    all layers of the IT stack network packets,
    flows, OS activities, content, user behaviors and
    application transactions.
  • To know more about LTS SECURE, contact us at
    enquiry_at_leosys.net or call us at 800-689-4506
  • Visit us at http//ltssecure.com
Write a Comment
User Comments (0)
About PowerShow.com