
Fortscale 2.0 Launched for User Behavior Analytics for Enterprise Security

Fortscale Security Ltd., a leader in the growing field of user behavior analytics for enterprise security, introduced Fortscale 2.0, the latest upgrade of its award-winning solution that results in an unparalleled ability to target and eliminate insider threats. Fortscale 2.0 extends the company’s existing solution in two very important areas: precise anomaly detection and analyst alerting that includes context and conclusions. Working closely with its growing installed base, Fortscale has revolutionized anomaly detection with several breakthrough features that precisely identify anomalies while minimizing false positives. Additional productivity enhancements also provide security analysts with immediate insights and conclusions regarding identified alerts. Together, these new features provide enterprise security professionals remarkable visibility into insider threats and improve the security analyst’s ability to quickly understand and remediate specific threats.

Version 2.0 includes:

Improved Analytics Algorithms – Unmatched accuracy to identify critical threats and minimize false positives

  • Fortscale SMART Alerts – Fortscale SMART Alerts highlight the most critical threats by prioritizing anomalies based on how uncharacteristic they are. Not all anomalies are malicious and SMART Alerts effectively identify and eliminate false positives.
  • Dynamic User Thresholds – The baseline for each user is individually calculated and dynamically adapts to remain accurate with no manual intervention. Continuous tuning picks up subtle changes in user behavior that could indicate malicious activity.
  • Multi-factor User Analysis – Events are evaluated against the user’s baseline behavior as well as their peer group and global (enterprise) behavior. Peer groupings are dynamically generated rather than arbitrarily assigned via function or geography.
  • Active Entity Tagging – Sensitive or high-value users, devices, and services can be associated via tags that provide additional weighting to the machine-learning algorithms.
  • Fortscale Anomaly Detection Framework – The anomaly detection framework is capable of easily incorporating additional data sources into the analysis for improved anomaly detection against additional attack scenarios. Fortscale is able to expand the number of supported use cases without significant changes to the underlying analytics engine.

Improved Investigation and Response – for faster investigation and rapid resolution

  • Alert-based Dashboard – Fortscale provides an alert-based & investigation-oriented dashboard that simplifies and shortens incident response times – (i) individual anomalies are aggregated into alerts; (ii) alerts provide immediate insights and conclusions; (iii) alerts provide indicators that you can drill down into to gain detailed understanding of what triggered the alert.
  • Single-screen Investigation – New investigation workflow minimizes incident evaluation time.
  • Responsive Analyst Alert Feedback – Alert resolution is incorporated into the machine-learning engine for continuous improvement of anomaly detection.

It is well known that you cannot defend against an enemy that you cannot see. To date, insider threats have been successful precisely because they have been able to take cover in a very noisy environment. Fortscale V2.0 is the first solution that levels the playing field. Now the hunter has become the hunted.

“With enterprise security teams understaffed and overwhelmed by security alerts, it is imperative that their time is spent focusing on alerts that are really indicators of an actual attack,” said Idan Tendler, founder & CEO, Fortscale. “Fortscale 2.0’s precise anomaly detection capabilities identify real issues and deliver a comprehensive set of critical security alerts. These are ranked in priority order with descriptions that represent the appropriate context for each alert, so that the analyst gets immediate insight into the exact cause and nature of the threat and can come to a quick conclusion.”

Fortscale’s insights and conclusions minimize the time required to understand the nature of each threat, allowing faster responses.

Fortscale targets insider threats by employing enhanced threat detection capabilities that identify various behaviors typically associated with insider attacks. Fortscale’s proven user behavior analytics solution is designed to detect these anomalous behaviors, identify bad actors operating within a network, and alert security teams for a rapid response.

 
