Story image

Forcepoint's RedOwl acquisition paves way for 'human-centric' security

30 Aug 2017

Cybersecurity firm Forcepoint has spent an undisclosed amount on the acquisition of security analytics provider RedOwl this week, as the company gets set to extend its reach into User and Entity Behaviour Analytics (UEBA) technologies.

RedOwl, launched in 2011, has taken a holistic visibility approach to the actions of people, including cyber, physical and financial activities. UEBA further enforces how important people are in security.

The acquisition allows Forcepoint to invest further into what it terms ‘human-centric security systems’, something that CEO Matthey P. Moynahan says RedOwl embodies.

“The world has fundamentally changed and the way we think about security must change, as well. If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets,” he says.

“Forcepoint is absolutely committed to empowering customers with human-centric security systems, and RedOwl fits squarely into this promise.”

RedOwl’s analytics platform will be integrated across Forcepoint’s portfolio as well as existing customer technologies such as SIEM.

The platform delivers real-time insight into anomalous interactions and access across people, data, devices and applications, the company says.

Forcepoint DLP and Forcepoint Insider Threat will also leverage RedOwl’s UEBA technology over the coming months.

RedOwl CEO Gui Filippelli says that Forcepoint has proven cybersecurity and internal risk must take the ‘human-first’ approach.

“The opportunity to deliver a holistic solution around proactive human oversight is exciting; joining Forcepoint will accelerate our ability to deliver these important capabilities to our customers. We’re thrilled to become a part of the Forcepoint team,” he comments.

Heath Thompson, Forcepoint’s senior VP of its Data and Insider Threat Security business says that the combination of threat intelligence and UEBA is a powerful security method.

“With this acquisition, we can now ingest multiple data sources –including structured and unstructured data -- whether that’s from databases, Workday (HR), Salesforce, or other widely used applications and programs, and draw correlations that legacy DLP wouldn’t let you do. With the volume of data sources we can analyze, we can build a view of what “good” and “safe” look like for both security and compliance considerations. When something falls out of that normal profile, like accessing data at odd times, or from odd locations, we can raise the awareness and automatically adapt protection to the appropriate risk level,” he explains.

"For example, if sensitive data is being accessed during the middle of the night, the human-centric analytics can determine whether the employee in question is on a business trip to Asia, and the access to sensitive data is just happening during her working hours while away from the office. However, maybe that employee is at home but had her credentials compromised, and there is no easy explanation for accessing information at 3:30 in the morning. With RedOwl, a customer could use employee travel status as an input source to the analytics system – providing a level of insight to know the difference between a real attack or a false alarm,” Thompson concludes.

Forcepoint UEBA is available immediately. 

Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Tech community rocked by deaths of Atta Elayyan and Syed Jahandad Ali
Both men were among the 50 killed in the shooting in Christchurch last Friday when a gunman opened fire at two mosques.
NZ ISPs block internet footage of Christchurch shootings
2degrees, Spark, Vodafone and Vocus are now blocking any website that shows footage of the mosque shootings.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.