Fortscale UEBA for SOC, which has been making the lives of security analysts everywhere easier, just got better. The industry’s first pure-play machine learning UEBA solution added:
Fortscale UEBA for SOC makes the lives of your security analysts easier, uncovering insider threats and cutting through the ‘alert’ noise to pinpoint the risky activity that needs your attention. As the industry’s first pure-play machine learning UEBA solution, Fortscale UEBA for SOC is the first solution that can seamlessly integrate with your environment and start providing value immediately.
It takes any data on any user, device, app, and entity and starts making sense of it. The advanced machine learning and predictive analysis can not only accurately identify when something is anomalous, but also whether that anomaly is significant and represents a risk to your organization. There are no rules, no hassles, no limits.
Fortscale’s insider threat detection engine analyzes authentication and contextual data from a number of sources within your environment, and quickly models “normal” or baseline user and entity behavior. Using multivariate statistical analysis and machine learning, Fortscale identifies when deviations in behavior occur without the need to manually write a single rule.
Security analysts are busy, and automatic prioritization of threats is key to focusing efforts and allocating resources appropriately. Iterative analysis and multivariate correlations across disparate timeframes, contexts and datasets make Fortscale a much “quieter”, more accurate and more hands-off UEBA than you’ve ever seen before.
Fortscale can ingest any data source from SIEM, Splunk and/or data repositories, as well as data from all applications, security products and even home-grown applications. Our out-of-the-box connectors allow you to hook up your Fortscale instance directly to data sources such as:
In addition to processing your favorite enterprise applications and SIEM logs, Fortscale leverages its new Generic Data Source framework (GDS) to provide full behavioral visibility out-of-the-box for several new data source types, including:
The redesigned user experience and interface introduce an entirely new method of investigation, combining the existing machine-learning-based user data with new workflows, upgraded visualizations and widgets. This makes it easier for security professionals to identify, investigate and stop insider threats.
Fortscale consumes external threat feeds that roam the Darknet in search of compromised enterprise usernames and passwords. When a monitored enterprise credential is identified on the Darknet, it is instantly streamed into Fortscale and correlated with risky behavior found within the corporate environment. Fortscale alerts SOC analysts that a trusted user’s credential was found and was possibly abused by a malicious actor.