RSA Extends Push into Identity and Threat Analytics -- Redmondmag.com

RSA Extends Push into Identity and Threat Analytics

By Jeffrey Schwartz
05/26/2015

The EMC Corp. subsidiary's new president, Amit Yoran, is looking at the newest risk factors, which extend beyond enterprise perimeters thanks to the growing ubiquity of public and hybrid cloud services. Yoran noted the launch of its new Via identity management product line and extensions to RSA Security Analytics. Coviello, who retired, has blessed the company's push into these new areas, Yoran says.

RSA described its new Via portfolio as smart identity tools that use contextual awareness instead of static rules such as traditional passwords to single sign-on access to systems. The first in the portfolio, RSA Via Access, is a Software-as-a-Service (SaaS) offering that offers step-up authentication using mobile devices to provide single sign-on access. The Via line also includes RSA Via Governance, built on its identity management and governance platform it gained in its 2013 acquisition of Aveksa, which provides views into access privileges, automates user access, and flags orphan user accounts and inappropriate user access, according to the company. Also built on its Aveska acquisition is the new Via Lifecycle, a user provisioning platform.

The other major area of emphasis for the company is the extended capabilities of RSA Analytics. Based on the 2011 acquisition of NetWitness, which Yoran led as CEO at the time, the company is launching a new release of RSA Analytics that will focus on extending visibility from the endpoint to the cloud. Referring to the 2014 Verizon Data Breach Investigations Report that found less than 1 percent of successful advanced threat attacks were spotted by security information and event management (SIEM) systems, he argued his call for change: "We're still clinging to our old maps," he said. "It's time to realize that things are different."

Veeam Adds Secure Backup to Microsoft Azure
Veeam Software, which provides backup solutions for virtual environments, released a technical preview of its new data protection tool for the Microsoft Azure cloud service. The company's new Veeam FastSCP for Azure lets IT pros and Azure developers copy local files to Azure virtual machines (VMs). The new free tool also lets IT pros securely copy files without a VPN or third-party encryption, manual file copy to and from Azure VMs without having to keep the UI open during the backup process, and it supports automated scheduling of file copy jobs.

The company also released a technical preview of its Veeam Management Pack for System Center. The new release adds support for vSphere 6.0, new infrastructure summary reports, capacity planning for Azure and VMware vCloud Air, and it tracks histories of snapshots.

Metalogix Targets Data Leakage with New Sensitive Content Manager
SharePoint and Office 365 migration and governance software provider Metalogix International GmbH plans to ensure personally identifiable information can't leak out of enterprise content management systems. The company will offer that capability with its new Metalogix Sensitive Content Manager. Metalogix released a technology preview last month.

Metalogix Sensitive Content Manager uses a new machine learning analysis engine developed by the company, which offers more accurate and intelligent content scanning and identification than data loss protection tools, explains Steven Murphy, the company's CEO. When integrated with Metalogix permissions management tool ControlPoint 6.0, it applies compliance policies to sensitive content. The tool becomes aware of actions related to distribution of sensitive content.

"The big problem and why these artificial intelligence-based older generation DLP systems are a thing of the past is you get a tremendous amount of false positives and false negatives," Murphy says. "With machine learning, using our capabilities you actually start to begin to learn and enhance the filtered content at a much greater rate and, therefore, reduce a lot of wasted time and manual effort. You don't need a truckload of consultants. It's truly an intelligent content scanning and identification capability, and when coupled with our ControlPoint permissions and compliance administration product, really provides an automated lifecycle."

In a separate release, the company also introduced Metalogix Service Manager for Office 365, which lets administrators gather together analytic reports from Active Directory user profiles to apply proper permissions across environments, perform backups and secure all of the Office 365 suite.

About the Author

Jeffrey Schwartz is editor of Redmond magazine and also covers cloud computing for Virtualization Review's Cloud Report. In addition, he writes the Channeling the Cloud column for Redmond Channel Partner. Follow him on Twitter @JeffreySchwartz.

Featured

Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.
PowerShell Script Used in Phishing Attack May Be AI-Generated

A PowerShell script being used in a novel malware campaign may have been created by AI, according to security researchers at Proofpoint.