(Image credit: Dollar Photo Club.)
Today at the RSA Conference at the Moscone Center in San Francisco, SAS (Cary, N.C.) announced that it will introduce the SAS Cybersecurity solution this fall. The vendor touted the solution’s advanced analytics as representing a core competency for SAS, whereas many security vendors add such capabilities as an “afterthought.”
SAS Cybersecurity correlates and analyzes billions of daily network transactions with business contextual information from across the organization, such as asset data, functional business role and existing security alerts, according to the vendor. It optimizes, then analyzes, data in real time to capture a continuous picture of active security risks, a SAS statement adds, resulting in what the vendor calls a comprehensive view of normal versus abnormal activity that helps an organization sustain its information advantage over attackers.
“Headline-making cyberattacks demonstrate how hackers can be inside a network for months before detection,” commented Ray Boisvert, CEO of I-Sec Integrated Strategies (ISECIS), and former Assistant Director for Intelligence with the Canadian Security Intelligence Service. “During that time, they lurk persistently and increasingly undetectable within the network, where they uncover and later extract an organization’s most valuable information. This is a huge gap in the cybersecurity market. An organization has an information advantage over a hacker only once.”
Essential Layer of Cyberdefense
Hackers’ reconnaissance activities are shrouded within massive amounts of data, and are difficult to detect. In addition, existing security solutions generate too many alerts, according to Bryan Harris, Director of Research and Development for Cyberanalytics at SAS. “By harnessing and enriching all this data in real time and applying complex, behavioral analytics, SAS Cybersecurity adds an essential layer of cyberdefense,” he said.
SAS Cybersecurity obviates the need for users to have specific expertise in analytics, according to a SAS statement. The vendor asserts that the solution provides an accurate, prioritized list of network devices exhibiting risky behavior that requires immediate investigation—a capability SAS says greatly reduces the number of alerts, ensuring the most efficient use of a security operations center’s (SOC) time and resources.