RedOwl Security Platform Provides a New Tool for Analysis
By Bikash Chatterjee
August 2016 - This year's Black Hat conference had a new twist. In addition to the many powerhouse security service providers that populated the exhibit hall, the show created a corner of small one-table booths for new and emerging solution providers called Innovation Corner. Every year when we come to the conference we look for solutions which attack the question of security differently. It was here we came across an interesting security analytics solution provided by RedOwl.
RedOwl's focus is the most unpredictable component of any network architecture: the human layer. Their product is intended to identify and address security threats posed by insiders. They focus upon three fundamental insider threats, the negligent actor by capturing and analyzing both structured and unstructured data within an organization. These analytics can be applied to identify compromised accounts, intellectual property theft, fraud and corporate espionage. The solution can be a powerful tool for security analysts to monitor and characterize behavior, and it is scalable as the size and complexity of the organization grows.
The UI is configurable and allows the creation of custom dashboards. The software fully integrates with existing workflow solutions. RedOwl's big advantage is its ability to capture and fuse disparate data sources in order to create a clear picture of intent, capturing an organization's SIEM, EDR and any employee enrichment data. The result is the ability to analyze behaviors, not just anomalies. One of the most interesting aspects of the software is its ability to translate the outcomes into narratives. In addition to providing analytic data such as risk scoring and probabilities, it captures behaviors which represent a risk to an organization, providing the opportunity for it to methodically address bad or careless behavior. For example, if an employee routinely emails himself his password or log-in information, the activity is translated as a narrative describing the behavior. RedOwl provides a unique solution for security analysts who are looking for a complementary forensic diagnostic tool to address internal organizational threats.