TMCnet News

Corvil Launches User-Centric Network Traffic Analysis For Accelerated Insider Threat Detection and Response
[February 27, 2018]



DUBLIN, Ireland, Feb. 27, 2018 (GLOBE NEWSWIRE) -- Corvil today announced the new release of its Security Analytics solution, which helps organizations identify malicious behavior from compromised user accounts that increase the risk of data theft and reputational damage.

With the coming introduction of regulations such as General Data Protection Regulation (GDPR), it is imperative that users and their data are protected by organizations. GDPR mandates notification of a data breach within seventy-two hours. Therefore, the ability to quickly detect abnormal user behavior, network access patterns and data exfiltration is essential.

Addressing these challenges, Corvil now provides unified, granular visibility and insight into activity across users, hosts, applications, and services. By presenting a prioritized list of the most suspicious users in the environment as well as activity across associated devices of all types, security teams can rapidly see, understand and act on evasive threats and protect high-value assets.

“In today's world, responding to insider threats depends on gaining comprehensive understanding of user activities across traditional IT domains – endpoints, networks, perimeters. Corvil’s ability to provide comprehensive user activity insights into the security ecosystem represents a major step forward,” said David Monahan, Managing Research Director, Security and Risk Management, Enterprise Management Associates, Inc.

The Corvil solution captures and analyzes L2-L7 network activity in real time, contextually enriches it with user identity and other data, and automatically detects patterns of attack. Through streamlined workflows and intelligence sharing with the broader Security and Network Operations ecosystem (including SIEMs, Endpoint Detection and Response, Threat Intelligence, Next Generation Firewalls, and many big data systems), Security Teams can more effectively and efficiently combat threats in today’s complex environments.

With a single click, an analyst can quickly triage, forensically investigate and respond to incidents such as insider threats, evasive attack movements and ransomware attacks. By providing linkage to the granular underlying communications, Security Teams can more quickly and confidently detect breaches, identify their source, and determine their impact – live and retrospectively.

This solution is complemented by the machine learning-driven virtual security expert, Cara, released last year and deployed at some of the largest financial institutions in the world, to autonomously identify vulnerabilities and attacks in electronic financial transaction environments.  While Cara’s daily cybersecurity intelligence report includes a cyber risk assessment score consumable by c-level executives, Corvil Security Analytics provides the additional granular, forensic record of user and host activity to help support compliance with emerging cybersecurity and data privacy regulations such as GDPR.



“Organizations today face unprecedented risk from cyber-attack and data loss,” says Graham Ahearne, Director, Security Product Management. “As the automation and sophistication of attacks increases, all too often compromised user accounts, attacker footholds within the environment, and careless or malicious insiders are the elusive source.  Our new user-centric analytics provide security analysts with a unified view of all user activity on the host and on the network combined with automated risk-scoring, and actionable intelligence to accelerate detection, triage and response.”

Security incidents expose organizations to reputational damage, legal and compliance exposure, and financial losses. With more than 80 percent of breaches[1] stemming from inadvertent or malicious insiders, and with increasingly complex dynamic technology environments, organizations face new and growing threats every day. The faster an organization can identify and contain a data breach, the lower the costs. However, with a growing and diverse range of connected devices coupled with increasingly sophisticated and evasive attacks, it can take as long as five months[2] to detect a breach.


Compounding matters, today’s Security teams face shallow visibility and manual workflows often across fragmented systems while attempting to respond to a barrage of alerts.  While many technologies focus solely on a host-centric view of activity, attackers increasingly gain access through compromised user accounts, escalated privileges and covert communications that are undetectable without closer, more comprehensive analysis.

To learn more about Monitoring User Activity Across Network For Threat Detection and Response see details of our 2018 Corvil and Forrester Webinar.

Corvil’s new Security Analytics release is generally available now.  For more information, or to contact a Corvil representative, please visit corvil.com.

About Corvil
Corvil is the industry leader for deriving Security, Operational, and Business intelligence from network data. As companies adopt faster and smarter machine technology, it becomes critical to tap into richer and more granular machine data sources to safeguard the transparency, performance and security of critical infrastructure and business applications. The Corvil streaming analytics platform captures, decodes, and learns from network data on the fly, transforming it into machine-time intelligence for network, IT, security and business teams to operate efficiently and securely in this new machine world. Corvil uses an open architecture to integrate the power of its network data analytics with the overall IT ecosystem providing increased automation and greater operational and business value outcomes for its users. The Corvil solution is trusted by leading financial institutions to safeguard their businesses across the globe involving 354 trillion messages with a daily transaction value in excess of $1 trillion.

Learn more about Corvil: Corvil.com | Twitter | LinkedIn 

Notes to the editor

[1] 81% of hacking-related breaches leveraged either stolen and/or weak passwords - 2017 Verizon DBIR. This means that 81% of attacks will come from hacker-controlled machines inside the perimeter.
[2] Mean time to detect - http://info.resilientsystems.com/hubfs/IBM_Resilient_Branded_Content/White_Papers/2017_Global_CODB_Report_Final.pdf

Contact information:
Press Office at Corvil
+353 1 859 1040
[email protected] 

