DLP MEETS User Behavior ANALYTICS (UEBA)

harvest.ai's MACIE™ Analytics provides the confidence and dependability in protecting your business's most important assets, protecting user accounts from compromise and preventing theft of data and intellectual property. 

 

Features include 

  • Patent pending AI-based ability to track intellectual property across an organization's network, including emails and other content derived from IP.
  • MACIE understands the business value of all data across a network and whether it makes sense for a user to be accessing certain documents, a key indicator of a targeted attack.
  • MACIE can automatically identify risk to the business of data that is being exposed or shared outside the organization and remediate based on policies in near real-time. Our DLP analytics not only classify documents but can identify true IP matches to protect the most sensitive documents that exist for an organization, whether it be technology, brand marketing campaigns or the latest pharmaceutical drug.
  • MACIE not only detects changes in a single users behavior, but it has the unique ability to detect minor shifts in groups of users, which can indicate an attack.

 

Without our IP and people, we would not have any value. I can watch my people, harvest.ai watches our IP.
— Michael Coward, CTO and Co-Founder, QuickFire Networks
quickfire-fb.jpg
 

It's not a malware problem any more.

Attackers have evolved their approach, and are targeting users directly, at times using no malware at all and exclusively legitimate applications to accomplish their goals. MACIE's ability to observe changes in User behavior shines a spotlight on possible breaches in a network and provides one of the strongest indicators of a network that is under attack. MACIE integrates with your cloud and on-premise systems, examining patterns of logins, remote network access, access to data and documents to discover attacks and compile a comprehensive case for further review. harvest.ai augments traditional SIEM in this case, adding critical context about the content and business value of documents that users are accessing. MACIE's user interface provides unprecedented detail, with the ability to start with a narrative explanation of alerts discovered by machine learning analytics, all the way down to the raw events that led to the alert, providing organizations tools to leverage existing investments and systems while identifying and weighting cases for investigation.

 

MACIE's user behavior classifier is uniquely capable of detecting anomalous user access to critical data and systems. From detecting and stopping attackers targeting organizations cloud applications such as Google at Work or Office 365, to preventing an accidental share of critical intellectual property, MACIE detects anomalies in how the user accesses the network by noticing changes in location of access, browsing habits, data transfers and other telemetry that can be harnessed from existing systems.


MORE THAN JUST ALERTS

We are helping organizations answer these questions:

  • Are my critical assets leaving trusted zones in the cloud?
  • Which actors are responsible for data leakage and what did they leak out?
  • What contextual information do I need to investigate this event further?
  • Can I fully operationalize my security team to respond to anomalous behaviors?

Stopping APT Attacks

An APT attacker has a clear objective, is willing and able to employ multiple tactics ranging from simple social engineering to extremely complex malware, adapting them as needed in order to fulfill that objective. These types of attackers are looking for your most valuable assets, and MACIE identifies these assets, where they reside, who has access to them, why they have access and when they access it. This provides MACIE users with near-real time alerts that can take action to limit access to assets and revoke user access.