Big Data, Machine Learning, Behavioral Analytics Combine to Detect and Anticipate Security Threats in Real Time

Details in New FileTrek Whitepaper

Ottawa, ON, March 26, 2014 – New techniques in threat detection are combining real-time big data collected from endpoints across the enterprise with advanced behavioral analytics and machine learning, enabling even small security teams and those without forensics experts to understand and act against threats to sensitive data before systems are compromised.

A new whitepaper, “Big Data and Behavioral Analytics Applied to Security,” from FileTrek outlines how real-time data from every person, application, file and machine in an enterprise can be aggregated and correlated, then mathematically analyzed in a risk equation, applying machine learning to compute and track risks as they are observed, while becoming smarter over time. This approach automates the process of sifting through large volumes of unstructured noise and normal activity, detecting and surfacing anomalous and risky activities, and even anticipating threats before they happen. Such behavioral analytics for threat detection differ from traditional security analytics that rely solely on inspecting network traffic for threats.

“Big data and behavioral analytics applied to security enable us to capture the context of events and connect the relationships between those events to quantify and aggregate multiple risk vectors. This allows us to see the difference between people conducting business versus suspicious human or machine activity, without wasting time searching for suspicious behaviors by letting math do the work for you, and without slowing down productivity,” said Stephan Jou, FileTrek Chief Technology Officer.

The whitepaper examines how a holistic approach can be built from four critical inputs: the user, the activity, the file and the method of operation. A risk score for each behavior is computed by combining the four inputs, building a baseline of normal business operations and focusing on the events that are anomalous relative to previous operations. The whitepaper's motivating example of a behavioral risk indicator is a specific IT administrator copying large and important files to an external USB drive, in a way that differs from what every other IT administrator does.

As the system applies machine learning to observe more activities and gets smarter over time, it becomes increasingly capable of detecting and alerting in real time, throughout the extended enterprise, on risky and suspicious behaviors that were previously difficult to detect.
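The four-input risk score described above, worked through on constructed data, as an added example that is not FileTrek's code and does not reproduce the whitepaper's actual risk equation. The event tuples, the file and method weights, the blend of the four inputs and the saturation point of the z-score are all assumptions chosen for illustration; each event is scored only against events observed before it, so the baseline grows as more routine activity is seen.

```python
"""Peer-group behavioral risk scoring over constructed endpoint events.

Added example: the weights and the scoring formula are assumptions for
illustration, not FileTrek's equation.
"""
from statistics import mean, pstdev

# Constructed sample events: (day, user, role, method, file_class, megabytes).
# Days 1-4 are routine activity; day 5 contains one constructed bulk copy.
EVENTS = [
    (1, "alice", "it_admin", "usb",   "internal", 20),
    (1, "bob",   "it_admin", "usb",   "internal", 25),
    (1, "carol", "it_admin", "share", "internal", 24),
    (2, "alice", "it_admin", "usb",   "internal", 22),
    (2, "bob",   "it_admin", "usb",   "internal", 18),
    (2, "carol", "it_admin", "share", "internal", 27),
    (3, "alice", "it_admin", "usb",   "internal", 19),
    (3, "bob",   "it_admin", "usb",   "internal", 24),
    (3, "carol", "it_admin", "share", "internal", 22),
    (4, "alice", "it_admin", "usb",   "internal", 21),
    (4, "bob",   "it_admin", "usb",   "internal", 23),
    (4, "carol", "it_admin", "share", "internal", 26),
    (5, "alice", "it_admin", "usb",   "internal", 20),
    (5, "bob",   "it_admin", "usb",   "trade_secret", 900),  # constructed anomaly
]

# Assumed static weights for the file and method inputs, each in [0, 1].
FILE_WEIGHT = {"internal": 0.2, "confidential": 0.6, "trade_secret": 1.0}
METHOD_WEIGHT = {"share": 0.3, "usb": 1.0}

# Assumed blend of the four inputs; a z-score of 3 or more saturates at 1.0.
INPUT_WEIGHTS = {"user": 0.35, "peer": 0.35, "file": 0.15, "method": 0.15}
SATURATION_Z = 3.0


def deviation(value, history):
    """Positive z-score of `value` against `history`, scaled to [0, 1].

    Returns 0.0 when there is too little history to form a baseline, so a
    brand-new user or role is not flagged on the evidence of nothing.
    """
    if len(history) < 2:
        return 0.0
    mu, sigma = mean(history), pstdev(history)
    if sigma == 0.0:
        return 0.0 if value <= mu else 1.0
    z = (value - mu) / sigma
    return min(max(z, 0.0) / SATURATION_Z, 1.0)


def score_event(event, history):
    """Risk score in [0, 100] for one event, given the events observed before it."""
    _day, user, role, method, file_class, megabytes = event
    user_hist = [e[5] for e in history if e[1] == user]
    peer_hist = [e[5] for e in history if e[2] == role and e[1] != user]
    inputs = {
        "user": deviation(megabytes, user_hist),    # unlike this user's own past
        "peer": deviation(megabytes, peer_hist),    # unlike others in the same role
        "file": FILE_WEIGHT[file_class],            # how sensitive the file is
        "method": METHOD_WEIGHT[method],            # how risky the channel is
    }
    return 100.0 * sum(INPUT_WEIGHTS[k] * v for k, v in inputs.items())


def score_all(events):
    """Score every event against strictly earlier events; highest risk first.

    The baseline is rebuilt from everything seen so far, which is how the
    detector improves as more routine activity accumulates.
    """
    ordered = sorted(events, key=lambda e: e[0])
    scored = []
    for event in ordered:
        history = [e for e in ordered if e[0] < event[0]]
        scored.append((round(score_event(event, history), 1), event))
    return sorted(scored, key=lambda s: s[0], reverse=True)


if __name__ == "__main__":
    for risk, (day, user, _role, method, file_class, mb) in score_all(EVENTS)[:3]:
        print(f"day {day} {user:<6} {method:<5} {file_class:<12} {mb:>4} MB -> risk {risk}")
```

Running the block ranks Bob's day-5 copy of a trade-secret file to USB at the top with a score of 100, while Alice's identical-looking day-5 USB copy of an ordinary file scores 18, because neither her own history nor her peers' make 20 MB unusual. Note that with only a day or two of history the peer baseline is thin and routine activity can score in the 20s and 30s; a real deployment learns over a much longer window before its alerts are worth acting on.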

Organizations with valuable assets to protect in life sciences, manufacturing, financial services, hi-tech, oil & gas and federal government are among the first to apply advanced behavioral analytics to threat detection.

About FileTrek
FileTrek provides efficient and effective enterprise threat detection through comprehensive event collection, advanced behavioral analytics and precise anomaly detection. FileTrek enables companies of all sizes to eliminate the noise and false positives of existing security tools and focus limited security resources on actual threats to sensitive data assets. FileTrek’s cutting-edge solution secures intellectual property, trade secrets, classified files, and other sensitive data from accidental or intentional compromise by knowledge workers, IT administrators, contractors, and partners. FileTrek solutions are deployed to protect critical data across manufacturing, life sciences, hi-tech, finance, aerospace & defense and securities brokerage industries.

Betsy Kosheff