Cybersecurity firm Forcepoint has spent an undisclosed amount on the acquisition of security analytics provider RedOwl this week, as the company gets set to extend its reach into User and Entity Behaviour Analytics (UEBA) technologies.
RedOwl, launched in 2011, has taken a holistic visibility approach to the actions of people, including cyber, physical and financial activities. UEBA further enforces how important people are in security.
The acquisition allows Forcepoint to invest further into what it terms ‘human-centric security systems’, something that CEO Matthey P. Moynahan says RedOwl embodies.
“The world has fundamentally changed and the way we think about security must change, as well. If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets,” he says.
“Forcepoint is absolutely committed to empowering customers with human-centric security systems, and RedOwl fits squarely into this promise.”
RedOwl’s analytics platform will be integrated across Forcepoint’s portfolio as well as existing customer technologies such as SIEM.
The platform delivers real-time insight into anomalous interactions and access across people, data, devices and applications, the company says.
Forcepoint DLP and Forcepoint Insider Threat will also leverage RedOwl’s UEBA technology over the coming months.
RedOwl CEO Gui Filippelli says that Forcepoint has proven cybersecurity and internal risk must take the ‘human-first’ approach.
“The opportunity to deliver a holistic solution around proactive human oversight is exciting; joining Forcepoint will accelerate our ability to deliver these important capabilities to our customers. We’re thrilled to become a part of the Forcepoint team,” he comments.
Heath Thompson, Forcepoint’s senior VP of its Data and Insider Threat Security business says that the combination of threat intelligence and UEBA is a powerful security method.
“With this acquisition, we can now ingest multiple data sources –including structured and unstructured data -- whether that’s from databases, Workday (HR), Salesforce, or other widely used applications and programs, and draw correlations that legacy DLP wouldn’t let you do. With the volume of data sources we can analyze, we can build a view of what “good” and “safe” look like for both security and compliance considerations. When something falls out of that normal profile, like accessing data at odd times, or from odd locations, we can raise the awareness and automatically adapt protection to the appropriate risk level,” he explains.
"For example, if sensitive data is being accessed during the middle of the night, the human-centric analytics can determine whether the employee in question is on a business trip to Asia, and the access to sensitive data is just happening during her working hours while away from the office. However, maybe that employee is at home but had her credentials compromised, and there is no easy explanation for accessing information at 3:30 in the morning. With RedOwl, a customer could use employee travel status as an input source to the analytics system – providing a level of insight to know the difference between a real attack or a false alarm,” Thompson concludes.
Forcepoint UEBA is available immediately.