Michael Novinson | www.crn.com
Here’s a look at 12 products released during the Black Hat 2019 conference that turn network assets into security devices, redirect attempted endpoint access into deception environments, and use machine-learning algorithms on network flows.
Gurucul Network Behavior Analytics
Gurucul Network Behavior Analytics identifies unknown threats by using advanced machine-learning algorithms on network flows and packet data. The tool creates behavior baselines for every device and machine on the network based on network flow data, and leverages logs to correlate IP-specific data to machines and users.
The product comes with prepackaged machine-learning modules tuned to run on high-frequency network data streams to detect anomalies in real time and rank threats by risk. The use of linked data and threat models allows Gurucul Network Behavior Analytics to identify advanced and unknown threats like zero-day exploits, fileless malware and ransomware.
The product does this by detecting unusual behavior on a server or device, related lateral movement within the network, command and control communication, access misuse, and suspicious account activity from a compromised account. The product’s data processing and analytics framework can uncover stealth operations that lie dormant between various stages of a cyberattack.