29 May Exabeam User Behavior Analytics Solution Detects Unauthorized Use of Credentials in 100 Percent of Client Base (Yahoo Finance)
Exabeam, a leader in user behavior analytics, today announced that in all deployments, unauthorized use of credentials was detected. The types of unauthorized use were comprised of system or data access policy violations and credential sharing, and approximately 20 percent were the result of advanced persistent threat-style (APT) attacks.
The attacks revealed had not been discovered by customers’ existing malware sandboxing or traditional signature-based security solutions. The Exabeam Labs’ survey that uncovered this finding looked at more than 40 deployments across multiple verticals and started from Exabeam’s general availability in February of 2015. In the APT-style attacks, the remote controlled malware had been deployed inside the customer’s environment and was leveraging the credentials of one or more employees inside the organizations.
Furthermore, Exabeam learned that many of the data and system access policy violations placed the organization at increased risk. Many attacks and policy violations were detected due to behaviors and access characteristics that were not normal and historically consistent with the employee’s job or role. Unusual employee sessions often included first-time access to systems and network zones that had never been accessed by the employee’s peer group. Finally, a few customers discovered two-factor authentication systems had been misconfigured and account credentials that had been shared across most of the organization.
“Helping customers get visibility into policy issues that put the organization at increased risk of APT-style attacks and insider threats before a data breach is a proud achievement for us, and it speaks to why companies urgently need to have visibility into credential behaviors,” said Nir Polak, CEO of Exabeam. “Learning what credential behaviors and access characteristics are normal inside the organization and keeping state on identify is the only way to uncover and act quickly on the stealthiest attacks.”
Many customers also report that Exabeam’s Stateful User Tracking™, session assembly and security alert to identity attribution capabilities have resulted in significant security operational efficiency gains. Exabeam has been designated a 2015 Cool Vendor in Security Intelligence by analyst firm Gartner, Inc.