One of the most common ways hackers penetrate networks is by stealing the credentials of users with legitimate access to those networks. Because the credentials are frequently used by authorized users for perfectly normal reasons, detecting security breaches caused by compromised logins can be difficult. But a new app from IBM will help businesses determine if the credentials or systems of their own employees have been compromised.
Called IBM QRadar User Behavior Analytics, the new feature is available as a free app via the IBM Security App Exchange. The app expands the capabilities of IBM?EU?s QRadar platform by analyzing the usage patterns of insiders, including employees, contractors and partners, to determine if their credentials or systems have been compromised by cybercriminals, the company said.
The biggest threat to enterprise security comes from businesses’ own employees, with as many as 60 percent of data breaches stemming from insiders, according to IBM. But up to a quarter of insider data breaches happen because user credentials fall into the hands of hackers via employees, contractors or partners who are tricked by malware-laden phishing attacks or other techniques, IBM said.
?EU?Organizations need a better way to protect themselves against insider threats — whether they be from inadvertent actors or malicious cybercriminals with access to an organization?EU?s inner workings and technology systems,?EU? said Jason Corbin, vice president of strategy and offering management, IBM Security, in a statement.
The new app enables analysts to quickly pivot by using existing cybersecurity data to see the early warning signs often buried in suspicious user activities, ultimately helping them to more consistently address breaches before they occur, he said.
QRadar User Behavior Analytics leverages data from customers?EU? existing QRadar deployments, providing enterprises with a single platform to analyze and manage security events and data, according…