Security & Intelligence

With traditional defense perimeters obsolete and attackers increasingly able to circumvent traditional security systems, organizations need to adopt an intelligence-driven security model that is more risk-aware, contextual and agile.

Business Challenges:

  • As organizations open and extend their data networks, allowing partners, suppliers and customers to access corporate information, they become more vulnerable to data theft and misuse
  • Corporate applications and data are also increasingly accessed through cloud services and mobile devices, shattering what’s left of enterprise network boundaries and introducing new information risks and threat vectors
  • Oftentimes, cyber attacks or fraud schemes perpetrated by advanced adversaries aren’t detected until well after the damage has been done

These challenges are prompting organizations to move to an intelligence-driven security model, which relies on security-related information from internal and external sources to deliver a complete picture of risks and vulnerabilities. Organizations need to implement security capabilities that will ultimately help them detect the unknown and predict future threats.

Big data analysis drives intelligence-driven security:

  • ESolvit will help organizations encompass both the breadth of sources and the depth of information needed for programs to assess risks accurately and to defend against illicit activity and advanced cyber threats
  • Big data analytics will disrupt the status quo in most information security product segments, including SIEM; network monitoring; user authentication and authorization; identity management; fraud detection; and governance, risk & compliance
  • ESolvit develops data analytics tools that will help organizations enable a range of advanced predictive capabilities and automated real-time controls
  • In the process of integrating big data analytics into business risk management and security operations, ESolvit will redesign how information security programs are developed and executed

How ESolvit analyzes specific data from potential sources, based on the threat:

1. Threat: Network/Host traffic

Description:

  • Are there traffic anomalies to/from these servers?
  • Protocol distribution?
  • Encryption
  • Suspicious destinations

Potential Sources:

  • SIEM
  • Network Monitoring
  • Application Monitoring

2. Threat: Web Transactions

Description:

  • Has suspicious activity been observed in sensitive, high-value applications and assets?

Potential Sources:

  • Authentication Data
  • Transaction Monitoring
  • Application Logs
  • SQL Server Logs
  • Network Session Data

3. Threat: Infrastructure

Description:

  • Has the server been manipulated? Is it vulnerable?
  • Has its configuration changed recently? Is it compliant with policy?

Potential Sources:

  • IT Assets
  • GRC Systems
  • Configuration Management
  • Vulnerability Management

4. Threat: Information

Description:

  • What kind of data does the system store, transmit, process?
  • Is this regulated information, high-value IP?

Potential Sources:

  • DLP
  • Data Classification
  • GRC Systems

5. Threat: Identity

Description:

  • Which users are logged in?
  • Have their privileges been escalated?
  • Where did they log in?
  • What other assets does this user touch?

Potential Sources:

  • Authentication Data
  • Microsoft Active Directory
  • Server Logs
  • Asset Management
  • SIEM
  • Network Monitoring

The following are the four key areas where ESolvit can help organizations with Security & Intelligence:

Security Management

ESolvit develops a unified security management system, which is essentially an amalgamation of SIEM and network monitoring capabilities that assimilates all information that could possibly inform security. Our security analytics program is capable of processing huge real-time data collections and performing threat analysis. It gives management a unified view of multiple data sources and centralizes threat research capabilities, instead of forcing security analysts to deal with disparate tools that disrupt and potentially derail their workflow.

Identity and Access Management (IAM)

By enabling situation-aware IAM, ESolvit provides continuous risk assessment of user activity, especially when users access sensitive resources, even after the initial authentication. Profiles are based on historical behavior, a deep, complex user profile and a richer view of analytics.

Fraud prevention

Whether it’s financial fraud, transaction fraud or fraudulent use of corporate resources, ESolvit’s advanced security technologies analyze huge amounts of behavioral data and other diverse indicators to differentiate between legitimate and malicious business activities. ESolvit predicts that session intelligence, behavioral analysis and clickstream analysis will work together to prevent business logic theft, in which attackers find a flaw in the functioning of an IT-based system and exploit it for illicit gain.

Governance, Risk and Compliance (GRC)

As organizations expand the scope of their GRC programs by bridging organizational silos and business functions with a unified GRC system, the amount of data such systems can handle will have to grow exponentially. ESolvit will help organizations build a GRC platform that will evolve to provide real-time access to the entirety of information relevant to understanding business risks and prioritizing security activities. The platform will analyze huge volumes of data to facilitate better, smarter decisions about the level, source and criticality of risk for the organization.

© Copyrights 2017, Esolvit, Inc. All Rights Reserved.