Black Hat Briefing, Las Vegas, NV - Intellitactics and Covelight Systems have joined forces to provide Fortune 2000 enterprises, government agencies, and educational institutions with the ability to identify attempts made by authenticated users to access sensitive data residing in web-enabled applications that would normally go undetected by existing security solutions. The alliance combines the Intellitactics Security Manager software and the Covelight Percept Privacy Protection and Fraud Management technology to provide operations with the ability to monitor the activity of authenticated users accessing corporate web applications and then, upon notification of security breaches or suspicious activities, to initiate comprehensive investigatory and remediation efforts.
This powerful integration offers an alternative for information-sensitive organizations that recognize the need to converge network perimeter security with identity and access management. With a holistic approach to security management, operations can detect theft, fraud, and abuse of web-enabled assets such as financials and customer information; cut hours of investigative time; increase the accuracy of threat detection; and take preemptive action to protect critical information assets from both the "trusted" insider and the external cyber criminal.
Covelight Percept passively monitors the activity of users authorized to use corporate web applications to protect confidential identity data from theft. Without jeopardizing application availability or degrading performance, the system compares the key characteristics of login and usage activity with individual and collective norms as well as security control policies to detect abnormal and suspicious activity as it occurs and immediately initiates a security alert while providing continuous user auditing for compliance, and forensic data for incident investigation.
Intellitactics Security Manager consolidates and analyzes data from corporate security devices, operating systems, and applications, as well as environmental data such as vulnerability information, to provide real-time threat detection and historical analysis for compliance reporting, trend analysis, or forensics. The system reduces a large number of events to a reasonable number of higher quality alerts, elevates high-impact alerts as incidents, and provides security and network operations with the information necessary to proactively mitigate attacks.
From an operational perspective, the integrated product offering accelerates the threat-management timeline. The offering empowers operations to passively monitor authenticated-user activity in real-time, receive security alerts in real-time, quickly investigate suspicious activity, and take immediate action to defend against and mitigate attacks. By compressing the "time to notification, time to investigation, and time to remediation timeline," organizations can protect critical information assets, avoid expensive and embarrassing security incidents, and limit risk without sacrificing business effectiveness.
The integrated product offering from Intellitactics and Covelight allows organizations that maintain sensitive personal information to meet increasing privacy and auditing requirements imposed by compliance regulations such as Gramm-Leach-Bliley Act, HIPAA, and California SB 1386 as well as new privacy laws being proposed in 20 states and in both houses of the U.S. Congress. These regulations require an enterprise to: