Traditional security controls like MFA and PAM are bypassed easily by threat actors on a regular basis. Threat actors prefer breaking into organizations using legitimate credentials so they can achieve their goals undetected, often until it is too late. To combat this growing threat, organizations now need to find a way to accurately detect and respond to identity threats targeting their applications beyond the point of login.
Reveal Security recently spoke with cybersecurity expert and veteran CISO Jim Routh, who led security at numerous companies including MassMutual, Aetna, and American Express where he built custom solutions to address this very issue. Jim explains how unsupervised machine learning-based behavioral analytics can reduce risk by delivering the most accurate threat detection possible.
"Behavior Doesn’t Lie"
Inspired by the traditional FBI adage that “behavior doesn’t lie,” behavioral analytics approaches use statistical models to identify patterns of user behavior and deviations from established norms in real-time or near real-time.
"Model-driven security gives us the capability to understand deviation of pattern, measure it precisely, and trigger automation at specific thresholds, operating in close to real-time across the enterprise at scale."
Jim Routh
Jim’s expertise highlights the need for a next-generation, ML-based solution specifically designed to combat identity-based attacks.
What Sets Reveal Security Apart
Reveal Security harnesses the power of behavior and unsupervised machine learning (ML) to deliver early, accurate detection of identity threats operating in and across applications and cloud services.
At the core of the Reveal Security platform is our patented Identity Journey Analytics™ technology that learns identity behavior and typical journey sequences and automatically detects outliers indicative of threats.
"Reveal Security’s Identity Journey Analytics approach can significantly improve identity threat situations by comparing users to like users, making it more effective and scalable than traditional UEBA."
Jim Routh
Contact us to learn more about Reveal Security’s unique approach to post auth identity threat detection and response for SaaS and cloud.