- Company (that provides the nominated product / solution / service): Niara, Inc.
- Website: http://www.niara.com
- Company size (employees): 60
- Product Version Number: 2.0
- Type of solution: Software
- Year this product or service was first introduced to the market: 2015
- Year the current version of this product or service has been released: 2016
- Approximate number of users worldwide: 200
In 3 bullets, summarize why this product or service deserves recognition:
1. Precision Attack Detection. Examples of attacks that Niara has detected before they have done damage include email-borne exploits such as ransomware, spearfishing and whaling, partner misuse of access credentials and a never-before discovered back-door in an ftp appliance.
2. Accelerated Incident Response and Measurable ROI. Niara customers are reporting up to 30 hours of savings per investigation for high priority alerts given the easy access to consolidated entity, log, and network forensic information over months or years of activity. Dollar savings are estimated to be in the $45,000 per month range at one F500 customer
3. Complete Visibility. The UEBA competitive landscape splits primarily across two dimensions: vendors who process network (packet) data and those that rely on logs. Niara uniquely plays in both segments by aggregating and analyzing all the relevant sources of IT activity data from packets and flows to logs and alerts, endpoint and servers, external threat feeds, etc. to provide the most precise and comprehensive risk scores and forensic information.
In less than 300 words, summarize the most important features and benefits of this product or service
Niara’s UEBA solution detects attacks that have evaded real time defenses before they do damage with a range of supervised and unsupervised machine learning models that spot malicious activity at each stage of the kill chain. Niara leverages both the compute and storage scale of the Spark/Hadoop framework to provide full forensic support for accelerated investigation, decision making and response. Users, systems, applications, partners, etc. are individually tracked via an Entity360™ security profile that maintains a continuously updated risk score along with one-click access to their security-relevant IT activity (down to the packet level) that the security team needs to build a response and remediation plan. Niara customers are reporting up to 30 hours of savings per investigation for high priority alerts given the easy access to consolidated entity, log, and network forensic information over months or years of activity.
Niara’s UEBA Machine Learning introduces a second dimension of attack analytics to complement the rule and signature-based approach of SIEM, IDS, etc. Without rules or preparation, Niara builds baselines of IT activity for users, servers, applications, etc., so even small changes in typical behavior are detected, put into context and tracked over time. This provides the security team with a completely new technology to deal with carefully crafted, slowly gestating exploits that utilize legitimate credentials such as compromised users unleashing a ransomware attack, negligent users sharing application credentials and disgruntled employees out to steal information or do damage. Niara turbocharges SIEM and logging products such as Splunk and ELK with bidirectional integration that leverages their data aggregation while returning high-priority alerts and forensic information to the SOC console and case management workflow.