Story image

Forcepoint's RedOwl acquisition paves way for 'human-centric' security

30 Aug 2017

Cybersecurity firm Forcepoint has spent an undisclosed amount on the acquisition of security analytics provider RedOwl this week, as the company gets set to extend its reach into User and Entity Behaviour Analytics (UEBA) technologies.

RedOwl, launched in 2011, has taken a holistic visibility approach to the actions of people, including cyber, physical and financial activities. UEBA further enforces how important people are in security.

The acquisition allows Forcepoint to invest further into what it terms ‘human-centric security systems’, something that CEO Matthey P. Moynahan says RedOwl embodies.

“The world has fundamentally changed and the way we think about security must change, as well. If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets,” he says.

“Forcepoint is absolutely committed to empowering customers with human-centric security systems, and RedOwl fits squarely into this promise.”

RedOwl’s analytics platform will be integrated across Forcepoint’s portfolio as well as existing customer technologies such as SIEM.

The platform delivers real-time insight into anomalous interactions and access across people, data, devices and applications, the company says.

Forcepoint DLP and Forcepoint Insider Threat will also leverage RedOwl’s UEBA technology over the coming months.

RedOwl CEO Gui Filippelli says that Forcepoint has proven cybersecurity and internal risk must take the ‘human-first’ approach.

“The opportunity to deliver a holistic solution around proactive human oversight is exciting; joining Forcepoint will accelerate our ability to deliver these important capabilities to our customers. We’re thrilled to become a part of the Forcepoint team,” he comments.

Heath Thompson, Forcepoint’s senior VP of its Data and Insider Threat Security business says that the combination of threat intelligence and UEBA is a powerful security method.

“With this acquisition, we can now ingest multiple data sources –including structured and unstructured data -- whether that’s from databases, Workday (HR), Salesforce, or other widely used applications and programs, and draw correlations that legacy DLP wouldn’t let you do. With the volume of data sources we can analyze, we can build a view of what “good” and “safe” look like for both security and compliance considerations. When something falls out of that normal profile, like accessing data at odd times, or from odd locations, we can raise the awareness and automatically adapt protection to the appropriate risk level,” he explains.

"For example, if sensitive data is being accessed during the middle of the night, the human-centric analytics can determine whether the employee in question is on a business trip to Asia, and the access to sensitive data is just happening during her working hours while away from the office. However, maybe that employee is at home but had her credentials compromised, and there is no easy explanation for accessing information at 3:30 in the morning. With RedOwl, a customer could use employee travel status as an input source to the analytics system – providing a level of insight to know the difference between a real attack or a false alarm,” Thompson concludes.

Forcepoint UEBA is available immediately. 

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.