March 3, 2015

Introducing Helix Threat Detection: IP Security and Risk Analytics

IP Protection

Cyber attacks and major data breaches of large corporations are constantly in the news. Attacks aren’t just targeting retail stores and credit card numbers, but also health care exchanges, large film studios, banks and government agencies. The stakes are higher than ever as breached content includes confidential personnel records, sensitive email correspondence, government surveillance methods, full-length films and other types of highly-sensitive Intellectual Property (IP).  

Issues with Securing IP

Signature-based and perimeter-based security solutions aren’t effective against increasingly sophisticated and complex attacks. With mobile BYOD the norm, data now routinely moves beyond the perimeter. In addition, security managers are becoming more concerned about insider threats, like departing employees or those with compromised password credentials. For example, Edward Snowden, a former government contractor, obtained employee passwords before instigating one of the largest government data breaches in history. In a recent Ponemon/Raytheon Privileged User Abuse and Insider Threat Report, 69% of security staff report that their security tools do not offer enough context to detect an insider threat. 

Lack of timely visibility into who accesses corporate IP in suspicious ways (and how they do it) is one of the primary reasons data theft occurs. In fact, serious breaches often go undetected for months. Current rule- or threshold-based security solutions may generate thousands of alerts a day, making it difficult for security teams to distinguish real threats and attacks from “security alert noise.”

Introducing Helix Threat Detection

We are thrilled to announce Helix Threat Detection to address these pressing IP security and protection issues.

Helix Threat Detection monitors interactions with all the assets stored in the Helix environment, applying advanced behavioral analytics to detect and identify IP threats.  By applying statistical techniques to fine-grained user activity, Helix Threat Detection surfaces threats in real time and assesses the risk level for each threat event, thus breaking through “alert noise.” It quickly processes tens of millions of events across tens of thousands of user accounts to generate a prioritized list of the highest-risk accounts, data, and projects. 

Helix Threat Detection surfaces a wide range of threat scenarios, including:

  • Compromised, careless, and departing employees who download large amounts of data from sensitive projects
  • Insiders who slowly take small amounts of data over long periods of time
  • Machines compromised by stealth malware that are siphoning data
  • Outside or advanced persistent cyber-attacks

More information on Helix Threat Detection can be found here.