With the annual RSA Conference 2019 commencing in San Francisco this week, it’s perfectly clear that, once again, practitioners have no shortage of options when it comes to selecting the technologies and solutions they seek to best protect their sensitive data and systems.
While some industry watchers may still be waiting for the cyber security industry to eventually contract, the reality is that the Moscone Center is more crowded than ever with new and familiar faces seeking to press their wares on today’s buyers. Meanwhile, organizations are faced with ever growing pressure to make the right call when it comes to aligning their specific IT security requirements with available capabilities.
Beyond the hum of countless buzzwords and themes of the day, what we continue to hear from our customers is that what they really need now more than ever is a more effective manner of integrating and automating key data sets and processes to boost overall IT protection.
In fact, most practitioners, especially large enterprises with mature cyber security and risk management programs, are pushing hard for new methods to garner more value from their existing investments, even as they explore new tooling. Honestly that’s nothing new. And that’s one of the main reasons why Bay Dynamics is having so much success with its Risk Fabric analytics platform, also brought to market by Symantec as Symantec Information Centric Analytics (ICA).
At its core our platform excels at pulling together the critical data streams provided by existing solutions – including DLP, CASBs, endpoint security, EDR, email security, web proxies and many more – and translating that information into actions that truly address underlying threats. Our ability to integrate the vast sea of existing information and automate workflows such as threat hunting and breach prevention, driven by analytics and machine learning, is truly hitting the mark.
Over on the other end of the integration and automation spectrum, we’re also working hard to dovetail our capabilities with increasingly popular and useful technologies such as Security Orchestration, Automation and Response (SOAR) platforms. By feeding the output of Risk Fabric into these systems, we’re helping to deliver the context necessary for SOAR to understand all the involved security data and take action; the response has been that this is a fantastic complement and integration point for these advanced security automation tools.
As a testament to this commitment, last week Bay Dynamics announced a new integration partnership with IBM Resilient’s Incident Response Platform (IRP). Bringing these systems together provides the ability to rapidly prioritize risks for investigation and trigger remediation workflows, essentially at the click of a button.
While SOAR is still an emerging technology with most practitioners, there’s tremendous upside to be realized as these tools evolve and work more closely together. Noted in the press release, Risk Fabric’s patented UEBA and cyber risk analytics can detect emerging threats, prioritize alerts and communicate critical mitigation recommendations to IBM Resilient, which then triggers appropriate actions, such as vulnerability remediation or systems reconfiguration, through automation and orchestration playbooks.
Specific benefits of this technical tie up include:
- Rapid detection of malicious insiders, compromised accounts, and perimeter breaches
- Automated response playbooks leveraging user and entity risk and behavior data
- Comprehensive risk identification, incident prioritization and remediation steps
As the industry continues to mature, we know that practitioner’s appetites will only increase for these types of automation tool set integrations. No matter what capabilities they may or may not find useful, or even move to acquire, based on what’s going on here at RSA, what’s most clear is that every element of the vendor ecosystem needs to pull closer together to help our customers get the job done.
For more information on our recent integration with IBM Resilient, check out these resources: