Intellitactics and Securify Partner to Tackle Insider Risk, Detect and Fight High-Risk User Behavior

Business Wire,  June 25, 2008  

• E-mail
• Print
• Link

Securify's Identity-Based Monitoring Discovers and Controls User Behavior and Access in Real-Time; Automatically Sends Security Events and Rich Context to Intellitactics' Security Manager

RESTON, Va. & CUPERTINO, Calif. -- Intellitactics, a leader in enterprise security and compliance management solutions, and Securify, a leading provider of identity-based monitoring solutions, today announced packaged integration in order to deliver a more complete picture of 'who is doing what and where' on the network. Organizations that have already implemented this powerful combination of Intellitactics Security Manager (ISM) and Securify Monitors are reaping the benefits of effective identity-based, real-time detection of both external threats and unauthorized access and behavior based on user identity. This integration provides advanced capabilities that enable organizations to protect the enterprise and comply with regulatory standards by simplifying their ability to monitor access to sensitive, proprietary, and classified systems and behavioral risks.

Securify's identity-driven, network-based monitoring approach leverages existing infrastructures to deliver a cost-effective way to discover and control access and behavior broadly across all networked systems. Securify monitors network traffic (via NetFlow, JFlow, or deep packet inspection via passive tap or span port), creates an accurate baseline even within dynamic networks, and maps this activity to a unique user identity with groups/roles from existing network directories such as Microsoft Active Directory. Securify sends prioritized access anomalies and policy violations, including user identity and robust incident details, to security information and event management solutions such as Intellitactics' Security Manager in real-time. Organizations that already use both Securify and Intellitactics gain centralized management of security and operational data for accelerated decision support and response.

Intellitactics Security Manager consolidates and analyzes data from security devices, operating systems, and applications to provide real-time threat detection, historical analysis for forensics, and compliance reporting. Security Manager centralizes security information and automates log aggregation, security event management, actionable alerting, and incident response. One-click alert assessments and simple drill-down to the parsed and raw events provide contextual details for any alert under investigation. Further, Security Manager enables IT to streamline incident handling and provides hundreds of reports that verify and validate compliance with regulatory standards, internal policies, or industry best practices.

Scott Crawford, Research Director of the Security and Risk Management Practice with Enterprise Management Associates, comments on the partnership and integration of the technologies: "Auditors are tightening the standards by which they view insider risk protection. Rather than risk unfavorable audit findings, enterprises can proactively address this increased scrutiny by leveraging technology solutions that simplify their ability to monitor user behavior on the network and access to sensitive systems and applications. The combination of Securify and Intellitactics is one of the few approaches that can not only identify insider risk, but can also correlate potentially high-risk behavior with user identity and group memberships. More than just a technical integration, the combination of a 'single pane of glass,' Intellitactics' automated alert management, and Securify's deep, identity-based access and behavior monitoring not only meets the needs of a growing market requirement, but enables joint customers to more intelligently and quickly respond to an attack or threat."

Intellitactics Security Manager consolidates and correlates these role-based network-activity events with other threat and vulnerability events and data from application logs. Sunil Bhargava, Intellitactics' Chief Technology Officer, comments on the integration: "This integration provides the security team the whole picture, which is so important for fast and accurate response and audit readiness." The integration of the two technologies is simplified with the Intellitactics' Active Integration and Response module referred to as AIR. "Vendor partners, like Securify, that are working with us using AIR see the opportunity to provide our mutual customers meaningful, deep, bi-directional links between security technologies. AIR enables ISM users a fast path to Securify's Discovery and Control views to investigate a policy violation in context and also to gain flow data-based network anomaly and behavior analysis. This in turn improves day-to-day network operations, provides rich proof of compliance to auditors, and delivers unmatched security against complex threats such as insider risk."

The integrated ISM and Securify solution optimizes the efficiency of the security operations staff and potentially reduces the number of security related and compliance related incidents. "A recent poll found that 68 percent of public companies admitted that auditors are now asking for more proof of monitoring user behaviors on the network. The synergies between Intellitactics and Securify are compelling for companies that must meet audit and compliance standards and reduce risk inside their networks," says Securify's VP of Products and Marketing, Steve Woo. "Securify's high value, identity-driven approach adds a proven operational tool for monitoring network users, which is the natural evolution and synthesis of log management, event management, network monitoring, and directory data. The combination of Securify and Intellitactics enables network security and operations teams to instantly pinpoint when and where a specific user is doing something he or she should not, and prioritizes alerts based on the Intellitactics risk score."