Protection Inside the Perimeter

Tracking User Activity to Identify Insider Threats

June 20th, 2018
11AM EDT / 4PM BST

With over 80% of breaches today resulting from malicious or inadvertent insiders, companies increasingly need to look within. Because insiders are typically authorized for some activity, it is tough to tell if they are accessing the information as part of their normal work or something malicious. Further, they also may know what controls exist and are therefore better able to cover their actions. If you are like most companies, you are looking for ways to mitigate this risk while increasing the value of your existing cyber protection assets.

Corvil and Splunk provide the advanced analytics to detect and remediate these costly “in plain sight” threats, bringing the benefits of full packet network traffic analysis (metadata, file artifacts, PCAPs, flow connectivity maps) to the fingertips of Security Analysts who leverage the Splunk platform within their security operations.

Would you know if:

  • Attacker-placed rogue hosts, leveraged to establish covert remote access, appear on your network?
  • An employee’s user account was compromised and is being utilized as a beachhead?
  • An attacker is moving laterally across your network using malware-less techniques such as with Powershell?
  • Corporate workstations were being used to perform cryptomining?

You would if you had Corvil Analytics and the Splunk platform.

Register to learn how to mitigate dwell time and cyber risk with Corvil’s user-centric network traffic analysis and Splunk Enterprise Security and Adaptive Response by assessing user traffic, data patterns, and communications content.

Speakers

Meera Shankar, Alliance Manager, Security Ecosystem, Splunk Inc.
Graham Ahearne, Director, Product Management, Security Analytics, Corvil