On June 1, SS8 elaborated details of BreachDetect, a product that specializes in the retrospective detection of security breaches. Using analytics that facilitate the detection of security breaches and their associated devices of interest, BreachDetect has the capability to identify network-based breaches that may have escaped identification from other security tools and applications. BreachDetect generates and analyzes High Definition Records (HDR) based on data collected from software sensors that reside on the network. The platform’s learning and analytics engine correlates HDR data with data from users and devices in conjunction with sensors that have the ability to manage over 1,000 security protocols. Moreover, BreachDetect correlates threat intelligence regarding devices and breaches that have remained undetected. SS8’s capability to identify previously unidentified security breaches empowers organizations to take advantage of historical data and analytics to predict future attacks as noted by Faizel Lakhani, President and COO of SS8, below:
We get smarter about security every day, and while that knowledge helps us stop the known attacks, it doesn’t account for the breaches that went undetected. What’s needed in today’s complicated breach lifecycle is the ability to not only turn back the clock to uncover the unknown threats, but analyze the past to better forecast for new breaches. This time machine for breach detection takes our expertise in extracting intelligence from communications and delivers it to the enterprise to uncover the unknown threat.
Lakhani comments on the way in which SS8’s ability to deliver breach detection technology enables customers to “analyze the past to better forecast for new breaches” by building on SS8’s venerable history of deriving business intelligence from communications-related data. BreachDetect incorporates SS8’s impressive history of delivering communications analytics to the world’s premier intelligence and law enforcement agencies for counter-terrorism purposes as told to Cloud Computing Today in a phone interview with Lakhani. As such, BreachDetect translates SS8’s expertise identifying suspects of interest in the intelligence community to the related, but qualitatively different task of identifying devices of interest within IT infrastructures. The graphic below illustrates the visualization capabilities of SS8 with respect to breach detection:
The dashboard represents BreachDetect’s ability to identify instances of data exfiltration across a multitude of destinations that includes applications and file types. The graphic underscores SS8’s ability to transform its enterprise-grade platform for the intelligence community to IT security use cases that have the ability to not only detect stealth security breaches that have not yet been identified, but also proactively forecast breaches in ways that empower enterprises to implement controls and mitigations to pre-empt security breaches before they materialize.