Promote this Nomination
|Company (that provides the nominated product / solution / service)||Balabit|
|Company size (employees)||n/a|
|Type of solution||Hybrid|
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
• Blindspotter can prevent data breaches and drives its ROI in several ways:
• Blindspotter visualizes security events and enriches them with contextual information. Balabit’s clear, compelling analytics facilitate analysis and investigation, and also gives CIOs and CISOs exceptional new clarity in communicating to C-suite executives. It demonstrates how IT systems and resources are actually used (and their full criticality to the organization’s well-being), enabling CISOs and CIOs to better cost-justify and strengthen budget recommendations.
• Blindspotter helps security teams – and Security Operation Centers - be more efficient by facilitating forensic analysis, by providing time-saving automatized responses and prioritized lists of suspicious activities, and providing immediate, highly relevant contextual information on critical situations.
Summary of Achievements
Balabit’s “Blindspotter” real-time privileged user behavior analytics (UBA) solution monitors and analyzes users’ activities, and detects any unusual behavior. It does this by building up a baseline profile of each privileged user, collating their typical behaviors, including both meta-data (time, place, applications accessed, etc.) and detailed biometric characteristics such as typing speed or mouse movements, using sophisticated machine learning algorithms.
If a user acts oddly – either by exhibiting behaviors indicating a potentially malicious insider or intruder with stolen credentials – Blindspotter can detect these anomalies in real-time, and respond according to the organization’s priority list of security events.
Blindspotter improves the efficiency of security teams, by focusing on the highest-risk situations and activities. It helps companies prevent one of their worst nightmares: an extended, undetected attack.
Blindspotter can ingest data from multiple sources, including logs, but is optimized to work with Balabit’s Shell Control Box privileged user monitoring solution, which records every privileged user session as a high-fidelity recording.
Furthermore, custom connectors to proprietary APIs can be written, and out-of-the box integration with many commonly-used data sources is standard.
Lastly, Blindspotter’s advanced security analytics correlate the results of several Big Data models, ensuring that attackers will be detected and security teams aren’t overwhelmed by thousands of false alarms. It takes the risk exposure levels of individual users into account and prioritizes potential incidents.