5.31.18
Interset, a security analytics company powered by self-learning AI, today announced Interset 5.6. This latest version of Interset’s AI-enabled security analytics platform delivers powerful new analytics and investigation capabilities that help companies fortify security — starting at the endpoint.
“Endpoint data is extremely rich and it can reveal important security gaps or threats. Unfortunately, endpoint security traditionally relies on signature-based methods that require a threat ‘definition’ to identify infections — something that severely limits protection against constantly changing endpoint threats and zero-day attacks,” says Mark Smialowicz, CEO at Interset. “Behavioral analytics powered by unsupervised machine learning bolsters endpoint defense by eliminating the need for signatures and instead looks for anomalies based on what an endpoint’s normal operations look like day after day.”
“The most visionary and leading of vendors in 2018 and 2019 will be those that use the data collected from their endpoint detection and response (EDR) capabilities to deliver actionable guidance and advice that is tailored to their clients,” said Gartner.¹ “Detecting known indicators of compromise (IOCs) and suspicious behavior is only one side of the enterprise protection platform (EPP) coin — solutions must detect and proactively alert on weaknesses or vulnerabilities that are being exploited right now, or are likely to be exploited in the future. The fast-moving nature of attacker tools, techniques and procedures means that an organization’s endpoint security strategy must be continually assessed and adapted.”
Interset 5.6 features additional models for EDR data, building on the platform’s existing catalogue of more than 400 unsupervised machine learning models. The new models emphasize threat detection for data-exfiltration and infected-host use cases by detecting anomalies in port usage, inbound or outbound data transfers and processes. Interset’s behavioral analytics approach to endpoint security makes it uniquely positioned to detect zero-day attacks, which typically involve brand-new strains or versions of malware or viruses. Most antivirus and antimalware solutions struggle to identify these attacks without having been introduced to IOCs that are associated with a specific piece of malware — something that is not possible with zero days. Using unsupervised machine learning (a type of self-learning AI), Interset dynamically measures millions of individual behavioral baselines for users and machines to detect anomalies that are typically missed by other solutions.
Interset 5.6’s enhancements help organizations further integrate the threat detection platform into their existing security ecosystems.