2020/06/18 Press Release

Digital Arts Consulting launches "Security Operation Management Improvement Service" using Exabeam "Smarter SIEM" in combination with its own services.

In enterprise environments where advanced cyber security measures are required, Digital Arts Consulting, Inc. (Headquarters: Chiyoda-ku, Tokyo, Japan; President: Tadao Matsumoto; hereinafter "Digital Arts Consulting"), which provides CISO services (security consulting services), has concluded a distributorship agreement with Exabeam, Inc. (headquartered in California, USA; Neil Polak, Co-founder & CEO; hereinafter referred to as "Exabeam") and will begin offering "Security Operation Management Improvement Service" utilizing "Exabeam Smarter SIEM."

Rapid spread of teleworking will increase demand for risk management, including incident detection and recovery

COVID-19 and other factors that have been causing a pandemic around the world since the second half of last year have made it necessary to redefine and apply the ideal state of business and work styles without waiting, and the rapid transition to telework in Japan has increased the demand for risk management more than ever.
Under these circumstances, Japanese companies lag behind their counterparts in cybersecurity measures, especially in detecting, responding to, and recovering from security incidents caused by internal fraud or intrusion by an attacker. Many Japanese companies' information security measures are limited to taking defensive measures against external attacks and internal information leaks, and there are no clear rules on how to respond to incidents, nor are there clear guidelines in ISO27001, the international security standard.
If the lack of security operations is left unchecked, incidents may not be properly addressed and responses may be delayed, leading not only to increased security risks such as information leaks and denial of service, but also to problems with business continuity, deteriorating profitability, and loss of business opportunities.

These security operations can be managed with limited resources through technologies such as SIEM (Security Incident and Event Monitor/log collection and management, threat detection and analysis) and SOAR (Security Orchestration, Automation and Response/automated analysis procedures required for incident response). However, this requires dependence on a few experts and the establishment of a large-scale system, as correlation analysis and detection logic are built based on scenarios, and depending on the operation method, the triggering, receiving, response, coordination, and management of alerts when an incident occurs may be performed by a single person.

Platform to uncover risks, including unknown threats, through behavioral analysis and timeline generation

Exabeam, a leader in the fields of UEBA (User and Entity Behavior Analytics) and SIEM*2, not only supports SIEM and SOAR, but also provides the Exabeam Security Management Platform (Exabeam SMP), which follows the UEBA functionality of learning and timeline management of human and material behavior and characteristics, and easily identifies abnormal and dangerous behavior.

This is a security platform to make the operational elements of Collect (log collection), Detect (attack detection and analysis), and Respond (incident response) more efficient and effective.

In addition to learning behaviors and collecting log data through conventional machine learning, it analyzes user behaviors and converts them into sessions and events from a vast number of multiple log sources to generate timelines tied to people and objects. This next-generation SIEM platform automatically visualizes previously unseen human and system behavior in chronological order, detects behavior other than normal behavior, and exposes risks, including unknown threats. It realizes security operation automation that converts knowledge from the occurrence of an incident to subsequent processing.

Digital Arts Consulting's unique services to achieve optimal security operations and reduce operating costs

To help many companies and organizations reduce operational costs by renewing their security operations, it takes consulting and engineering expertise in cybersecurity.

Digital Arts Consulting proposes the best security operation for your business from two perspectives: consulting to help you improve your business by reviewing what you need to do based on a clear understanding of your business needs, and engineering to help you design and implement operations after the introduction of the system.

For companies and organizations that have spent a lot of time and effort on security operations, such as those that have introduced SIEM but have not been able to use it well, those that are worried about increased man-hours for operations due to the existence of multiple security devices, and those that are anxious about responding to incidents after they occur, we will propose a new normal for security operations by enabling efficient detection, response, and recovery from internal fraud and attacker intrusions, thereby reducing operational ROI.

【Overview of Security Operation and Management Improvement Services】

1) Risk Assessment Service

After our consultant eventizes the current operations and IT assets, the consultant will conduct Fit & Gap between the operating systems, etc. and the client's security guidelines, information security policies, etc., and organize the workflow.
Then, a solution architect will join the project to investigate and organize the existing layout and configuration information, as well as how Exabeam Smarter SIEM works with the products in operation, in order to visualize the current situation, organize customer requirements and propose solutions (building a hypothesis) in consideration of the actual business for customers who are unsure of the appropriateness of security measures.

2) Privileged ID Management Platform Construction Support Service

Digital Arts Consulting's solution architects will provide Proof of Value (POV) support for the hypotheses organized in the risk assessment service, visualize the customer's value in consideration of the actual business, extract the following functions provided by Smarter SIEM that meet the customer's needs, and put together a conceptual design. Then, our implementation and support engineers will provide implementation and operation design, construction, and maintenance/operation services utilizing the extracted functions.

<Features>

Exabeam's Security Management Platform (SMP) is componentized in a modular format, allowing you to use the necessary license for your application.

1) Data Collection (Big Data Architecture)

・Data Lake: Log collection/management functionality independent of log storage volume

・Cloud Connector: Function to collect more than 40 cloud service logs such as Office365, Box, etc.

2) Detection and Investigation (Analytics & Machine Learning)

・Advanced Analytics: Behavior-based log analysis derived from user baselines (including unknown threats and internal fraud countermeasures)

・Entity Analytics: Behavior-based log analysis derived from device (server, terminal, IoT, etc.) baselines (including unknown threat countermeasures)

・Threat Hunter: Threat search functionality that eliminates the need for complex query syntax and provides an intuitive UI for efficient threat hunting.

3) Response (Security Orchestration)

・Incident Responder: Automated response through automation orchestration

・Case Manager: Incident case management functionality

<Features of the DAC service (model for cooperation with other services)>

1) Cloud posture management infrastructure construction service (Palo Alto Networks Prisma Cloud)

x Security Operations Management Improvement Service (Exabeam SMP)

Provides one-stop multi-cloud posture management, incident response design, and operational management improvement in compliance with industry-standard security and device configuration guidelines


2) Cyber hygiene management infrastructure construction service (Tenable Tenable.io)

x Security Operation Management Improvement Service (Exabeam SMP)

Provides one-stop services for identifying and managing ongoing risk priorities, designing incident responses, and improving operational management from the perspectives of both vulnerabilities and threats.

3) Privileged Access Management Infrastructure Construction Service (CyberArk PAS)

x Security Operation Management Improvement Service (Exabeam SMP)
Provides one-stop services for designing authorization of people and objects, detecting threats, designing incident responses, and improving operation management to prevent extensive security damage caused by the seizure or promotion of privileged IDs.

Digital Arts Consulting will combine the new security operation management improvement service with its existing services to strengthen security in corporate systems, which will become increasingly important in the future, and to propose an optimal management environment through the utilization of ICT.

【Products】

Exabeam Smarter SIEM "Security Management Platform (SMP)"

Exabeam SMP uses four engines - Context Engine, Session Engine, Behavioral Engine, and Risk Engine - to identify user asset information, timeline user behavior, and learn and understand behavioral characteristics, by assessing risk on a person-by-person and thing-by-thing basis through behavior profiling. This next-generation SIEM platform enables analysts to easily identify users who are behaving in an unusual and potentially dangerous manner and take prompt and appropriate action.

・About Exabeam, Inc.

Exabeam is the leading Smarter SIEM, automating the investigation and remediation of distributed attacks and unknown threats, detecting threats based on human and physical behavior, and reducing excessive log storage fees (license and environment) by making the platform SaaS. This enables us to reduce lead times and detect, investigate, and respond to cyber attacks in 51%*3 less time than before.
https://www.exabeam.com/

・About Digital Arts, Inc.


With a corporate philosophy of "contributing to a more convenient, comfortable, and secure Internet life," Digital Arts, Inc. is a domestically produced security software company that provides businesses, public (government offices, schools), and households with information security solutions centered on Webmail and files.

Since launching the first domestically produced web filtering software in 1998, the company has been providing information security products that provide countermeasures against external attacks and internal information leaks. Taking advantage of its strength in domestic self-development, the company is engaged in product planning, development, sales, and support, and aims to provide security products that protect customers from unknown threats based on its unique web filtering database, which supports the foundation of its products, and its technical capabilities patented in 27 countries and regions around the world.
https://www.daj.jp/

  

・About Digital Arts Consulting, Inc.

Digital Arts Consulting, Inc. was established on April 1st, 2016 as a strategic subsidiary of Digital Arts, Inc. by bringing together members who specialize in IT strategy consulting to management divisions.
Recently, cyber-attacks from outside targeting companies and government agencies and leaks of confidential information from inside are recognized as a serious problem not only in Japan but also worldwide, and the need for support for the introduction of security products has been increasing. While leveraging the customer base and know-how that Digital Arts has cultivated in the information security industry, we mainly provide support for the introduction of cyber security measures, especially for major companies in the manufacturing, financial, and pharmaceutical industries, in order to respond flexibly and promptly to the needs of the market.
https://con.daj.jp/

* related to the Company and its products are trademarks or registered trademarks of Digital Arts Consulting, Inc.
*Other company and product names mentioned above are trademarks or registered trademarks of their respective companies.
