Story image

Forcepoint's RedOwl acquisition paves way for 'human-centric' security

30 Aug 2017

Cybersecurity firm Forcepoint has spent an undisclosed amount on the acquisition of security analytics provider RedOwl this week, as the company gets set to extend its reach into User and Entity Behaviour Analytics (UEBA) technologies.

RedOwl, launched in 2011, has taken a holistic visibility approach to the actions of people, including cyber, physical and financial activities. UEBA further enforces how important people are in security.

The acquisition allows Forcepoint to invest further into what it terms ‘human-centric security systems’, something that CEO Matthey P. Moynahan says RedOwl embodies.

“The world has fundamentally changed and the way we think about security must change, as well. If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets,” he says.

“Forcepoint is absolutely committed to empowering customers with human-centric security systems, and RedOwl fits squarely into this promise.”

RedOwl’s analytics platform will be integrated across Forcepoint’s portfolio as well as existing customer technologies such as SIEM.

The platform delivers real-time insight into anomalous interactions and access across people, data, devices and applications, the company says.

Forcepoint DLP and Forcepoint Insider Threat will also leverage RedOwl’s UEBA technology over the coming months.

RedOwl CEO Gui Filippelli says that Forcepoint has proven cybersecurity and internal risk must take the ‘human-first’ approach.

“The opportunity to deliver a holistic solution around proactive human oversight is exciting; joining Forcepoint will accelerate our ability to deliver these important capabilities to our customers. We’re thrilled to become a part of the Forcepoint team,” he comments.

Heath Thompson, Forcepoint’s senior VP of its Data and Insider Threat Security business says that the combination of threat intelligence and UEBA is a powerful security method.

“With this acquisition, we can now ingest multiple data sources –including structured and unstructured data -- whether that’s from databases, Workday (HR), Salesforce, or other widely used applications and programs, and draw correlations that legacy DLP wouldn’t let you do. With the volume of data sources we can analyze, we can build a view of what “good” and “safe” look like for both security and compliance considerations. When something falls out of that normal profile, like accessing data at odd times, or from odd locations, we can raise the awareness and automatically adapt protection to the appropriate risk level,” he explains.

"For example, if sensitive data is being accessed during the middle of the night, the human-centric analytics can determine whether the employee in question is on a business trip to Asia, and the access to sensitive data is just happening during her working hours while away from the office. However, maybe that employee is at home but had her credentials compromised, and there is no easy explanation for accessing information at 3:30 in the morning. With RedOwl, a customer could use employee travel status as an input source to the analytics system – providing a level of insight to know the difference between a real attack or a false alarm,” Thompson concludes.

Forcepoint UEBA is available immediately. 

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.