Exabeam, the Smarter SIEM company, and Code42,
the leader in insider risk detection and response, today announced a
strategic partnership to help security and insider threat teams quickly
detect, investigate and respond to data exfiltration, and reduce risks
caused by compromised, negligent or malicious insiders. Customers using
the joint solution will benefit from having a full picture of their
environment, even in distributed workforce conditions, with automated
incident response to obstruct insider threats before data loss occurs.
Insider
threats are now among the most serious security risks and are becoming
increasingly difficult to manage using conventional security
technologies. The huge shift to remote working in 2020 has increased the
use of personal devices, and at the same time, reduced the
effectiveness of existing enterprise security solutions. When devices
aren't accessing assets directly through the corporate network or a VPN
and instead going straight to the cloud, on-premise network data loss
prevention (DLP) techniques and network firewalls have blind spots.
Remote workers have also become the targets of social engineering
attacks as cybercriminals attempt to exploit them to access corporate
networks.
"The
unprecedented growth in distributed work presents novel and complex
insider threats -- even when compared to just months ago," commented
Grant McCormick, CIO, Exabeam. "As a result, organizations should attach
greater urgency to monitoring risky activities that may impact the
security of their vital data. Failure to do so creates a potentially
catastrophic blind spot in the protection and integrity of enterprise
infrastructure."
The
partnership enhances security across a variety of exfiltration vectors -
across endpoint to cloud, through a technology integration, which uses
the Exabeam Cloud Connector solution to ingest data that indicates risk
from the Code42 IncydrTM product into Exabeam Data Lake and Exabeam
Advanced Analytics. Organizations using the Exabeam and Code42
integration will gain the ability to establish or more easily build
insider threat programs and processes. These organizations' security
operations center (SOC) and insider threat teams can:
- Provide real-time analysis and reporting on security alerts and data exfiltration attempts across their environment
- Accelerate
investigations related to insider threats with detailed incident
context across exfiltration vectors, file types, and user attributes and
behavior
- Resolve
insider risk incidents faster through a combined solution that delivers
high-fidelity alerts and actionable insights, along with the ability to
correlate alert information and triage incidents
Ananth
Appathurai, strategic partnerships and ecosystem SVP at Code42, said,
"Together, we can offer organizations the ability to protect their
systems and data from the malicious and accidental consequences of
insider threats. This is vital as the recent changes in workplace
culture evolve into permanent distributed strategies that legacy data
protection solutions aren't designed to address."
To further support their cooperation, Exabeam is joining Code42 as a founding partner of the inaugural Insider Risk Summit,
where the security community will connect to address the growing data
risks from insider threats. Presented as a virtual event on Sept. 17,
2020, it is the premier gathering for security leaders and professionals
to gain knowledge, share insights and advance strategies on detecting
and responding to one of the biggest security challenges: the growing
risk to IP and data presented by cloud-based collaboration and
decentralized work.
"This
technology collaboration between Exabeam and Code42 will allow
employees to use the tools they need to work in distributed
environments, while giving security teams visibility into how files are
moving across endpoints and cloud applications," said Chris Stewart,
senior director, business development & global alliances at Exabeam.
"It's an important collaborative step, and by joining forces for events
such as the Insider Risk Summit, we aim to maximize awareness of the
risks of data loss from insider threats."