Fortscale was designed to make the lives of security analysts easier. We build the only pure-play machine learning UEBA product on the market. No rules to write. No limits on what Fortscale can detect. From its intuitive alerts and investigations, to its self-tuning anomaly detection and risk scoring.
Fortscale user/entity behavior analytics (UEBA) solution helps you end insider threats with a totally new generation of autonomous machine-learning technology. Our UEBA solution can examine logs from all of your other applications too, even your custom and proprietary mission-critical systems.
Fortscale’s insider threat detection engine analyzes authentication and contextual data from a number of sources within your environment, and quickly models “normal” or baseline user and entity behavior. Using multivariate statistical analysis and machine learning, Fortscale identifies when deviations in behavior occur without the need to manually write a single rule.
Security analysts are busy and automatic prioritization of threats is key to focusing efforts and allocating resources appropriately. Iterative analysis and multivariate correlations across disparate timeframes, contexts and datasets makes Fortscale a much “quieter”, more accurate and more hands-off UEBA than you’ve ever seen before.
Fortscale can ingest any data source from SIEM, Splunk and or data repositories, as well as data from all applications, security products and even home-grown applications. Our out-of-the-box connectors allow you to hookup your Fortscale instance directly to data sources such as:
In addition to processing your favorite enterprise applications and SIEM logs, Fortscale leverages its new Generic Data Source framework (GDS) to provide full behavioral visibility out-of-the-box for several new data source types, including:
The redesigned user experience and interface introduces an entirely new method of investigation, incorporating the existing machine-learning based user data, with new workflows, upgraded visualizations and widgets. This makes it easier for security professionals to identify, investigate and stop insider threats.
Fortscale consumes external threat feeds that roam the Darknet in search for compromised enterprise usernames and passwords. When a monitored enterprise credential is identified on the Darknet, it is instantly streamed into Fortscale and is correlated with risky behavior found within the corporate environment. Fortscale alerts SOC analysts that a trusted user’s credential was found and was possibly abused by a malicious actor.