Story image

ExtraHop launches threat monitoring service 'Addy' in Australia

22 Aug 2017

Data analytics company ExtraHop has announced the Australian launch of what calls an ‘industry-first’ SaaS offering that uses machine learning to analyse all digital interactions.

The machine learning service, called ‘Addy’, is able to observe and analyse all digital interactions. It uses machine learning to detect anomalies as they happen, which enables a data-driven approach to securing the digital experience.

“The real-time network analytics ExtraHop provides already helps Australian companies better understand their environment and detect threats,” comments ExtraHop’s senior VP, Bryce Hein.

The company says that often traffic patterns change, devices on the network come and go, and most people don’t have the time to configure manual thresholds. Machine learning automatically sifts through metrics, a task that would be impossible to do manually.

The company cites statistics from Accenture’s High Performance Security Report 2016, which found that 65% of breaches are discovered by internal security teams. In Australia, half of respondents said it takes ‘months’ to detect breaches.

“Current and future demands of infrastructure and operations (I&O) require a specific, strategic investment in a platform that is designed to collect and analyse data from any source with the assistance of increasingly intelligent machines,” adds Gartner analyst Colin Fletcher.

As a result, ExtraHop designed the machine learning service to build baselines for each device, network and application. It also uses in-house and crowdsourced domain expertise to complement the core service and eliminate false positives over time.

Network traffic and application performance is extremely cyclical; past behaviour is a strong predictor of future behaviour,” the company says in its blog.

“As part of our research, we isolated a set of features in wire data that have the highest probability of correlation with relevant IT operation and security anomalies. Addy extracts metrics to tune a model with a custom machine-learning algorithm. The service continuously checks device and network behaviours through metrics collected by the ExtraHop systems and applies that data against the model it built. It then generates an alert when there are anomalous behaviours that might affect IT operations or security.”

According to ExtraHop, Addy can be paired with the company’s analytics-first workflow which alerts teams to performance and security issues.

“With Addy, we’re bringing machine learning to bear, helping surface performance and security anomalies faster than ever, and cutting through the noise to keep IT and security teams focused on the most important issues. Not only will this help them stay secure and compliant, but it will also help ensure a better digital experience for customers,” Hein concludes.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.