Interset Ends 2016 on a High Note

Tripled bookings, doubled customer base and delivered on Enterprise- class Security Analytics Platform


2016 was a great year for Interset no matter how you slice it!

We started the year moving to a new office in Ottawa and opening a new US headquarters in Irvine to keep up with our growing team. We delivered two major releases of our security analytics platform, transforming it from UEBA-focused use case coverage to broader security analytics use case coverage. And we grew…doubling our deployed customers, and tripling our bookings.

This explosive growth was predicted by Gartner’s Avivah Litan, who forecast UEBA market size to double year over year. She predicts it to double again to $200 million in 2017, and from what we are seeing, she is spot on. The dynamics driving Interset’s hyper-growth stem from the recognition by security teams that greater intelligence in the form of machine learning and advanced analytics is the only way security operations centers can quickly and accurately pinpoint threats in real-time. The simple fact is, SIEM tools were never designed to handle the massive amounts of data required to capture and surface threats. And security teams are never going to be big enough to complete any of this work manually.

Another equally important part of the story behind Interset’s big 2016 is the maturation of the UEBA market into, well, as Avivah aptly put it in her blog, “invisibility.”  As she says, “Some UEBA vendors will survive as standalone platforms that, in essence, become ‘next-generation SIEM’ platforms, while other UEBA vendors get folded into other security markets.” What she is referring to is the fact that many UEBA vendors specialize in single use cases, for example, identity and IAM, or cloud and CASB, and these vendors will be acquired (their start-up strategy all along) by larger players in those markets.

The platform players she calls “next gen SIEM” will have “smarter advanced analytics, plus user and entity behavior analysis, plus cognitive computing based (i.e. smarter) orchestration and response.” At Interset, we call this “Security Analytics,” as I am loath to use the term “next gen.”  I also dislike the term SIEM, because SIEM is not “fit for purpose” for the threat detection needs enterprises face today. Security Analytics does not have this problem – at least, not Interset’s Security Analytics Platform – and that is the rest of the story.  In 2016, Interset delivered the “next-gen SIEM” platform Avivah describes– a true security analytics platform. We encourage you to take a look at it in our “Introducing Interset 5” webinar recording. The recognition by industry analysts that Interset ingest more data sources, covers more use cases, works across all entity types (user, file, machine, application) and does it with smarter advanced analytics, and smarter orchestration and response is pretty exciting. Customers repeatedly tell us these are the reasons Interset beat the competition, and it’s why we closed a record number of new customers.

Our wins covered multiple use cases, including a mix of fraud and targeted attack detection at several financial services companies. We also netted insider threat detection projects at a large US utility and a global hi-tech company, and IP protection projects at software companies in the application, gaming and security markets. Only a true security analytics platform could deliver a single out-of-the box solution covering so many use cases.

Of course, we cannot take all the credit for leading in this market – we had help. Our partnership with IQT and our opportunity to learn from the cyber and data science experts at multiple US Intelligence agencies has truly given us an advantage in understanding the most stringent market requirements and in deploying and testing security analytics at truly massive scale. In 2016, Interset introduced:

We also expanded strategic partnerships and integrations with Intel/McAfee, Leidos, FireEye and HPE. Additionally, we completed native integration and operational deployments with Splunk and HP ArcSight SIEM tools, and became the first Security Analytics/UEBA solution to complete native integration with McAfee DXL and ESM.  And we released a connector for FireEye TAP, enabling internal threats detected by Interset to be correlated with threat-intelligence and perimeter threats discovered by FireEye.

Finally, we were recognized for our thought leadership, hard work, and customer deployment success:

Of course, there is to be no slowdown in 2017. Next up for us all is RSA. A sneak preview for RSA – Interset plans: new strategic partnerships (because automation, integration and unification is the name of the game), new “dashboards” that drive even greater focus and context on your biggest risks and threats, enhanced detection capabilities at the endpoint (because that is where attacks start and often end), and continued expansion into new threat surfaces and data classes – plus much more.

Please come see us at RSA, and here is wishing everyone a successful 2017!