Interset Advances UEBA, Expands Use Case Coverage with Interset 5 Security Analytics Platform; Named McAfee(R) Security Innovation Alliance Rookie of the Year

Volume of new data source connectors, analytic models has created a platform that learns while detecting and scoring the risk level of threats across terabytes of data for an expanding set of use cases in business and government


OTTAWA, ON--(Marketwired - Nov 2, 2016) - Interset, the security analytics company selected as a portfolio investment company and strategic partner by In-Q-Tel, today announced the release of Interset 5. The new version aggressively expands beyond traditional User and Entity Behavior Analytics (UEBA) use case coverage with new data source integrations and more than 100 new advanced analytic models. Interset 5 also features a new security operations-centric (SOC) user interface. Additionally, the new version leverages cutting-edge, machine learning-driven cyber and insider threat detection capabilities developed for the In-Q-Tel community using Interset's extensible behavioral analytics engine.

Interset was also named "Rookie of the Year" at the annual McAfee Security Innovation Alliance Partner of the Year Awards.

According to D.J. Long, head of the Intel Security Innovation Alliance, "Interset's integrations with McAfee ESM and McAfee DXL through the Intel Security Innovation Alliance provide our mutual customers with better data protection and an improved threat defense lifecycle. Partnering with Interset to combine the strengths of both companies is key to delivering a security analytics solution that provides accuracy and speed in threat detection."

Out-of-the-box integration and analytics

Available Nov. 30, 2016, Interset 5 increases the platform's ability to detect threats and efficiently cover new use cases with out-of-the-box support for new data sources including Linux server, Web proxy, firewall, and VPN logs. The addition of these data sources to Interset's industry-leading coverage, combined with new analytic models, enables Interset to detect and surface indicators of compromise (IOCs) across all stages of an advanced attack. These include: initial infection, command and control, internal reconnaissance, privilege escalation, lateral movement, and data staging. Interset 5 is the only security analytics solution that can detect, surface, connect, and offer risk-based prioritization of advanced targeted attacks as they develop inside the network. This means SOC analysts and forensic investigators can proactively identify, understand, and stop even the most sophisticated attacks while they are happening, long before data is compromised.

Interset 5 expands insider threat detection capabilities using specialized endpoint analytic models that detect and surface high-risk file access, movement, and exfiltration methods such as print, post and copy to USB. These capabilities -- along with Interset 5's ability to ingest Windows and Linux Server logs and run high-risk data access, usage, and movement analytics against them -- deliver unprecedented views of unfolding insider attacks.

Security Operations-Defined User Interface

Interset 5's new SOC-defined user interface delivers entity risk and contextual validation views that enable level 1 and 2 SOC analysts to quickly and efficiently focus on, validate, and process potentially high-risk security incidents. By increasing the speed and accuracy of early detection and validation -- combined with Interset's strong cyber hunting and event query interface -- security teams can proactively detect, investigate, respond to, and stop cyber and insider attacks.

"Interset 5 is about leveraging our big data platform and extensible advanced analytics engine to rapidly cover new use cases with out-of-the-box machine learning models and data connectors," said Interset co-founder and CTO Stephan Jou. "By building an extensible platform on a big data open-source architecture we are able to rapidly increase use case coverage at scale. Interset 5 is the start of a new paradigm for our customers, who can now look to extend the platform beyond insider and cyber threat detection to different or unique threat surfaces, such as fraud and supply chain use cases. This platform model offers security managers superior ROI and lower TCO, while increasing operational success."

Interset is demonstrating Interset 5 at the annual SINET Showcase on Nov. 2 - 3, 2016, at the National Press Club in Washington, DC. Additionally, Interset is showcasing the new version at this week's Intel FOCUS security conference in Las Vegas, Nov. 1-3. Also featured at FOCUS is Interset's new integration with the McAfee Data Exchange (DXL), Intel's architecture for enabling an adaptive security ecosystem.

About Interset 
Interset provides highly intelligent, accurate insider and targeted outsider threat detection. Our solution unlocks the power of user behavioral analytics, machine learning, and big data to provide the fastest, most efficient and flexible way for IT teams to operationalize a data protection program. Utilizing agentless data collectors, lightweight endpoint sensors, advanced behavioral analytics, and an intuitive user interface, Interset provides unparalleled visibility into risks and threats facing sensitive business processes and data. This enables early attack detection and actionable forensic intelligence with reduced false positives to remove noise and stop attacks before compromise occurs. Interset solutions are deployed to protect critical data across government, manufacturing, life sciences, high-tech, finance, aerospace and defense, and financial services.

For more information, visit Interset.com and follow us on Twitter @intersetca. 

Contact Information:

Betsy Kosheff

413-232-7057

Interset 5 Security Analytics shows which users, machines, files and applications are most at risk based on collective events, weighted by the severity of the action. It is unique in its handling of risk-based prioritization of targeted attacks as they develop inside the network. 

Interset 5 has a new user interface that can show different risk and contextual views by entity (users, file, machine, application) with easy access to cyber hunting so that security analysts can quickly process potentially high-risk incidents to stop cyber and insider attacks.