No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

empow Tool Becomes First SIEM to Automatically Detect and Respond to Threats Across the Cyber Kill Chain

by Corporate Compliance Insights
September 25, 2018
in GRC Vendor News
image of skull in programming code

empow’s native artificial intelligence, natural language processing and cause-and-effect analytics now ingest user and account activity logs to correlate all data source types covering all stages of the attack lifecycle

BOSTON (September 25, 2018) – empow, creators of a new kind of security information and event management (SIEM) system that detects and responds to cyberattacks in real time and without rules, today announced it has added native user/entity behavior analytics (UEBA) functionality to its SIEM. With this capability, the empow SIEM now provides automated detection and adaptive response to threats across the entire cyber kill chain.

“User and account activity logs are important inputs for detecting attacks by malicious insiders or external intruders who have successfully compromised user account credentials,” said empow Founder and Chief Technology Officer Avi Chesla. “So UEBA is mainly useful in the middle and late phases of the cyber kill chain, but not in the earlier stages of the attack. Unusual user behavior is one indicator of an attack, but not the only indicator, and by itself not necessarily sufficient for making a clear actionable decision. empow has developed a complete system that uses artificial intelligence, natural language processing and machine learning – as well as behavioral analytics – digesting security logs, network-flows logs, as well as user and account activity logs, to automatically detect and respond to malicious activity across all phases of the attack life cycle, accurately.”

To gain the benefits of UEBA, organizations have traditionally had a choice between integrating standalone UEBA products into their existing rule-based SIEM infrastructures or adding rule-based attack detection capabilities (such as those typical of existing SIEMs) to their UEBA products. Neither of these approaches is effective because rule-based detection systems cannot keep up with the ever-changing threat landscape and miss attacks. These solutions also do not provide automatic response (investigation or mitigation) capabilities.

empow has developed a new kind of SIEM that uses true artificial intelligence, along with machine learning and multiple types of analytics, including behavioral, to detect and respond to attacks. In the empow solution, UEBA is built into the SIEM at a native level, and the system takes unusual user, entity and account behavior into consideration – along with a number of other factors and indicators – when identifying and validating attacks. This maximizes the effectiveness of the UEBA functionality and improves overall attack detection accuracy.

empow’s native UEBA capabilities deliver several key benefits to security teams, including:

  • Improved results with no additional investments or tools. UEBA is native to the empow SIEM and  broadens the scope of detection and investigation. Customers benefit from faster and more optimized response to attacks – without the need to invest additional time, budget or resources.
  • Works with existing data sources. empow does not duplicate data and does not force log infrastructure on customers. Instead, it works with existing open source or commercial log infrastructure, such as Elastic and other leading solutions.
  • A wider security scope, still with no rules.  empow requires no correlation rules across the entire security and network infrastructure. While some UEBA-based SIEM vendors will claim they do not require rules, that is only true for UEBA data sources. For empow, it is true for all data sources.

“empow makes our entire security operation better,” said Dannie Combs, senior vice president and chief information security officer for Donnelly Financial Solutions. “It integrates seamlessly with our existing infrastructure and data sources, detects and stops threats in real time without rules and drives far greater ROI from our existing security tools. And now, we can add UEBA functionality with no additional product investment or integration work, because it is native to the system. If you drew up the ideal SIEM, this would be it.”

The inclusion of UEBA also makes empow the first company to deliver on all of the components of a complete next-generation SIEM, including:

  • Flexible data ingestion from all log and data sources, either directly from the security infrastructure or indirectly (via intermediate log storage and management systems), without requiring the development of complex parsers for new data sources.
  • AI-driven classification of security events, which leverages natural language processing (NLP) on both machine- and human-readable threat intelligence from internal and external sources, to understand the intent behind each event.
  • Auto-correlation using cause-and-effect analytics to automatically validate and prioritize attacks, and reveal the complete “attack story” – without requiring static correlation rules.
  • Adaptive orchestration using the capabilities of the existing security infrastructure to actively investigate and mitigate (block) attacks, without requiring scripts.

“My advice to security teams is that if you haven’t already looked at a SIEM-based orchestration tool using inference and NLP for contextual understanding to improve mitigation, then add this task to your list,” writes Edward Amoroso, founder and CEO of TAG Cyber, an advanced cyber security advisory, training and consulting firm focused on enterprise and government CISOs. “And, you would be wise to give the empow team a call.”

About empow

empow is the developer of a new kind of security information and event management (SIEM) system that detects cyberattacks and automatically orchestrates adaptive investigation and mitigation actions in real time, without the need for human-written rules. empow’s innovative use of AI, including natural language processing (NLP), machine learning and cause-and-effect analytics, automatically understands the fundamental nature or intent of threats, finds the actual attacks hidden in the “noise,” and marshals the right security tools to respond when those attacks occur. This capability enables the empow SIEM to serve as an active “brain” for security infrastructure that detects, confirms and stops attacks before they can cause harm, while also maximizing the value of existing security infrastructure and slashing the need for human intervention. empow is headquartered in Boston, with an R&D office in Tel Aviv, and customers distributed across North America and Europe.


Tags: Artificial Intelligence (AI)Machine Learning
Previous Post

Very Pleased to Meet You: Market Rates for Introducers in Asia-Pacific

Next Post

Optiv Security Solution Helps Organizations Rationalize and Optimize Cybersecurity

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

DALL·E 2023-02-16 13.18.43 - magritte style painting of robot looking into mirror

A Bot Isn’t Going to Take Your Place, But AI Will Make Your Job Harder

by Jennifer L. Gaskin
March 8, 2023

OpenAI’s splashy ChatGPT rollout has generated untold amounts of text, both directly and indirectly. While much of what’s been written...

cci top 10 stories collage

Top 10 Compliance Stories of 2022

by Jennifer L. Gaskin
December 7, 2022

The more things change, the more they stay the same. This time last year, we summarized the top 10 ESG...

ai bias_f

Still Racist After All These Datasets: Once Bias Is Baked Into Your AI, It’s Hard to Root Out

by Nigel Cannings
November 9, 2022

Spending on artificial intelligence across all sectors is expected to more than double by 2025, but Nigel Cannings of Intelligent...

ai in hiring

Algorithms Behaving Badly: New NYC Law Tackles Bias in Hiring Technology

by Lofred Madzou
June 2, 2022

From recruitment to retention, technology has long been crucial to effective workforce management. And while companies may be flocking to...

Next Post
close up of fanned credit cards

Optiv Security Solution Helps Organizations Rationalize and Optimize Cybersecurity

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT