Cyberoam, a leading global provider of network security appliances has introduced a unique capability – User Threat Quotient (UTQ) – to help IT security managers identify users posing security risks with ease.
With UTQ, Cyberoam extends its own innovation of Layer-8 technology and turns over a new leaf in user-identity focused security. Available on Cyberoam’s Next-Generation Firewall and UTM appliances, UTQ harnesses information derived out of user’s web traffic to determine risky users that pose security and /or legal risks.
Studies have proved that users are the weakest link in the security chain and patterns of human behaviour can be used to predict and prevent attacks.
“Enterprise networks generate lots of data with ample clues into user-triggered events, but the information remains incomprehensible and correlating data from various logs and reports takes time and special skills, and is subject to the risk of human oversight,” says Abhilash Sonwane, senior vice-president Products and Technology, Cyberoam.
Given this scenario, a security manager wishing for a science fiction-like capability to pre-empt and mitigate threats shouldn’t come as a surprise. The ongoing paradigm shift towards pre-emptive security shares some signs of such capabilities.
Many organisations and security managers are leveraging big data analytics tools to capture early signs of specific user actions or network event patterns that may hint at a possible ongoing attack or anomaly.
Commenting further, Sonwane adds, “Most security teams struggle with timely detection of risk-prone user behaviour since they remain devoid of required actionable security data. User Threat Quotient (UTQ) from Cyberoam effortlessly profiles suspicious web behaviour of network users, helping security teams with actionable inputs and relieving them from having to go through a labyrinth of massive logs.”
The User Threat Quotient (UTQ) studies the web behaviour of users by analysing massive data of allowed and denied web traffic for web categories like IP Address, P2P, Phishing and Fraud, Porn, Spam URL, Spyware, URL
Translation Sites and more that pose security and legal risks.
The User Threat Quotient helps CSOs / IT security managers by:
* Spotting risky users based on their web behaviour at a glance without manual efforts;
* Removing complexity in analysing terabytes of logs to identify suspicious or risk-prone user behaviour;
* Eliminating the need for SMBs to invest in separate SIEM tools to spot risky users;
*Enabling investigation into the spread of risk within the network; and
* Facilitating corrective actions to fine-tune user policies.
Winds of change in IT and network security clearly indicate a growing need to focus on internal threats or risks from users. As a result, many CXOs now identify analytics and actionable security as a key investment area besides cloud, virtualisation and mobility, to leverage security analysis that enable faster decision making.
Extending its own innovation of Layer-8 identity-security with UTQ, Cyberoam continues to bridge the gaps where many security paradigms fall short in combating insider threats and user-triggered risks.