Leading cyber security software specialist ZoneFox today launches a new machine learning based solution that monitors business critical data flow and user behaviour to spot abnormal usage patterns and combat insider threats called ZoneFox Augmented Intelligence (AI). The product, which is the most advanced of its kind to be developed in the UK has been created over the course of six years and is targeted at a wide range of business sectors.
Currently, most organisations monitor user’s behaviour manually, which puts constraints on more detailed investigations, slowing down breach detection and response times. Using detailed machine learning techniques, ZoneFox AI is able to harness specially developed User Entity Behaviour Analytics (UEBA) to optimise each stage of a threat investigation, resulting in quick detection and response times.
While machine learning has been used to combat other cyber security threats, this is the first time such an advanced level of the technology has been used to battle insider threats. The solution builds bespoke user profiles for each employee within two hours of being set up, using historical and real time user data across a wide range of everyday workplace tools such as laptops, PCs and employer-issued mobile phones. The fact ZoneFox AI can be used across such an array of devices means threats can be monitored, even when employees leave the office and work remotely. These profiles can be updated based on new activity (such as promotions or role changes) and also compared against peer groups to become as accurate as possible.
ZoneFox AI does not compromise on employee privacy. The super lightweight, agent based solution works silently and unobtrusively in the background of the devices operating system without impacting employee productivity. This allows the solution to provide a high-level overview of activity in the first instance, but also enables IT teams to zoom in on more granular, potentially suspicious behaviour, as part of ZoneFox’s incident response capabilities, if and when required.
ZoneFox AI displays real-time data so IT teams can accurately prioritise high risk anomalies as they happen. Each visualisation on the solution’s portal expresses a data shape, accentuating abnormal trends, while providing a bird’s eye view of user behaviour. Organisations are also able to programme and thus prioritise certain trends– for example emails being sent to competitors, or data being downloaded to an external drive. Administrators are sent an instant alert whenever an incident takes place.
Commenting on the launch of the new solution, ZoneFox CEO, Jamie Graves said: “Insider threats are increasingly becoming the major reason for security breaches across an array of sectors. For too long, organisations have built their security systems like a castle – focused on keeping those on the outside away from critical data, but failing to protect against or detect an inside job. ZoneFox AI has the intelligence to revolutionise this, harnessing smart analytics and state-of-the-art machine learning to identify and combat any suspicious activity from within an organisation quickly and effectively.
“Technology works best when deployed intelligently alongside skilled users. This is what ZoneFox AI strives to achieve – a cutting edge UEBA solution that can be programmed to identify any unusual behaviour and alert IT personnel when something out of the ordinary takes place. The fact we have spent six years developing this product makes its launch today exceptionally exciting. We look forward to deploying it across numerous sectors and continuously striving to improve it with even more sophisticated techniques in the coming years.”