Nir Polak, CEO & Co-founder
Crime in the present day has reached its most sophisticated form; a simple gimmick with the help of technology can lead to a million dollar heist. Often, industries that possess unprecedented amounts of critical data are highly prone to such mishaps. More so, the retail industry, that engages thousands of in-house players dealing with large amounts of sensitive data, is highly vulnerable due to its structural nature. Mostly, the data is related to customers’ payment and identification and employees’ health and finance. With such large workforce, it is especially difficult for retailers to keep a tab of unauthorized users on the network. “So, you have an industry that’s a big hacker target,” points Nir Polak, CEO and Co-founder of Exabeam. With an objective to protect retailers from unexpected security breaches, Exabeam is focused on blending analytics and intelligence.
Exabeam helps security teams identify hackers, who gain access to sensitive data using valid, stolen credentials. The company’s threat detection solution reports unusual activity by employers, partners, and contractors, and alerts the IT departments to scrutinize those activities immediately. “Additionally, through a combination of machine learning and behavioral analysis, Exabeam quickly classifies hackers or attackers from millions of alerts received from numerous users,” elaborates Polak. Firstly, Exabeam’s security software analyzes the log data collected and then through machine learning and behavioral analysis, they detect possible attacks.
“Our threat detection solution pinpoints common signals—for example: if it is the first time a user has tried to access an organization’s in-house system, if anyone else with the same job role has accessed the systems,or if the user has accessed the network from a foreign country for the first time,” explains Polak. With over 100 such insights that are automatically linked together, Exabeam uses multiple behavioral models and asks questions dynamically following credentialed activities.
Exabeam’s threat detection solution is security-oriented, not buyer-oriented behavioral models
Further, elaborating on the company’s solution, Polak states, “Exabeam’s threat detection solution is oriented towards security, not marketing or buyer behavior models. We are the best in the world at detecting risky activity based on behavior.”
In contrast to the traditional business intelligence, which retailers use for security analytics, Exabeam’s machine learning system processes massive sets of organizational data. “Today, attacks aren’t known, they’re very dynamic. And what Exabeam allows you to do is have visibility into the event, into the attack, and gives you so much context,” says Colin Anderson, VP-Information Technology, CISO at Safeway—an American supermarket chain. Anderson leveraged Exabeam’s behavioral analytics which allowed him to gain a deeper visibility into a particular context. “If I have a user trying to connect to my Point Of Sale system, it is very important for me to know if that is POS engineer, or is it a vendor, or is it somebody in Marketing that has absolutely no reason to be touching my POS system,” says Anderson. Exabeam’s solution gives security teams the information and context they need to investigate incidents very quickly.
Exabeam, which emerged from a database and application security company, Imperva, has first-hand experience with retailers who wish to protect their sensitive data in customer databases. Today, the company builds security detection systems, combining decades of their industry expertise with its investments in data science. The company’s ‘PhD-level data scientists’ develop a variety of machine learning techniques by constantly researching on new types of attacks, analyzing signals and encoding the same into systems such that the software can learn variants on its own.
“User behavior analytics is indeed a very hot and fast-moving market,” says, Polak. Keeping in sync with such vibrant market conditions, Exabeam is innovating advanced tools that could perform proactive analysis and protect the retailers’ data.