Cyberoam, a leading global provider of network security appliances has introduced a unique capability – User Threat Quotient (UTQ) – to help IT security managers identify users posing security risks with ease. With UTQ, Cyberoam extends its own innovation of Layer-8 technology and turns over a new leaf in user-identity focused security. Available on Cyberoam’s Next-Generation Firewall and UTM appliances, UTQ harnesses information derived out of user’s web traffic to determine risky users that pose security and /or legal risks.
Studies have proved that users are the weakest link in the security chain and patterns of human behavior can be used to predict and prevent attacks. Said Mr. Abhilash Sonwane, SVP, Products and Technology, Cyberoam “Enterprise networks generate lots of data with ample clues into user-triggered events, but the information remains incomprehensible and correlating data from various logs and reports takes time and special skills, and is subject to the risk of human oversight.”
Given this scenario, a security manager wishing for a science fiction-like capability to preempt and mitigate threats shouldn’t come as a surprise. The ongoing paradigm shift towards pre-emptive security shares some signs of such capabilities. Many organizations and security managers are leveraging big data analytics tools to capture early signs of specific user actions or network event patterns that may hint at a possible ongoing attack or anomaly.
Commenting further, Mr. Sonwane added, “Most security teams struggle with timely detection of risk-prone user behaviour since they remain devoid of required actionable security data. User Threat Quotient (UTQ) from Cyberoam effortlessly profiles suspicious web behavior of network users, helping security teams with actionable inputs and relieving them from having to go through a labyrinth of massive logs.”
The User Threat Quotient (UTQ) studies the web behavior of users by analyzing massive data of allowed and denied web traffic for web categories like IP Address, P2P, Phishing and Fraud, Porn, Spam URL, Spyware, URL Translation Sites and more that pose security and legal risks.
The User Threat Quotient helps CSOs / IT security managers by:
1. Spotting risky users based on their web behavior at a glance without manual efforts
2. Removing complexity in analyzing terabytes of logs to identify suspicious or risk-prone user behavior
3. Eliminating the need for SMBs to invest in separate SIEM tools to spot risky users
4. Enabling investigation into the spread of risk within the network
5. Facilitating corrective actions to fine-tune user policies
Winds of change in IT and network security clearly indicate a growing need to focus on internal threats or risks from users. As a result, many CXOs now identify analytics and actionable security as a key investment area besides cloud, virtualization and mobility, to leverage security analysis that enable faster decision making. Extending its own innovation of Layer-8 identity-security with UTQ, Cyberoam continues to bridge the gaps where many security paradigms fall short in combating insider threats and user-triggered risks.