Imperva CounterBreach Uses Machine Learning to Protect Against Insider Threats
November 2015 by Marc Jacob
Imperva, Inc. announced Imperva CounterBreach, a new multi-layered security solution that protects enterprise data from theft and loss due to compromised, malicious and careless users. CounterBreach uses machine learning to analyze how users access data in order to spotlight dangerous data access and use. CounterBreach complements machine learning with non-invasive deception technology to identify compromised end-point devices. By dynamically learning normal data access patterns and then finding anomolies, CounterBreach proactively alerts IT teams to dangerous behavior.
According to the 2015 Verizon Breach report, over 45 percent of enterprise data breaches resulted from malicious or compromised inside users, and it is well understood that trusted internal users are typically the weakest link in any enterprise security posture. Enterprises must manage insider threats that originate from:
• compromised users whose credentials are stolen, or who unknowingly introduce malware into the enterprise
• malicious users who deliberately steal or destroy corporate assets; and
• careless users who inadvertently put sensitive data at risk.
To address insider risk, CounterBreach provides a multi-layered solution that:
• provides direct visibility into which users access what data, giving IT organizations insight into the ‘who,’ ‘what’ and ‘when’ of access to sensitive information;
• combines Imperva expertise in monitoring and protecting data with advanced machine learning to spotlight dangerous user data access activity; and
_• applies non-invasive deception techniques to identify compromised end-points.
CounterBreach is currently undergoing validation testing. See the blog for findings to date. To receive updates on CounterBreach, or to enroll in the next beta cycle, please visit imperva.com/go/CounterBreachBeta. The solution will be available in Q1 2016.