The vendor describes itself as being modeled after the human immune system: it looks for a unique pattern of life within a computer network to use as a baseline, and can then flag issues when they are found. This technology is also licensed by the city of Las Vegas to recognize the city’s internal computer system pattern for its 3,000 employees.
“This is a next-generation tool. It used to be a much more manual operation of an analyst having to look through firewall or system logs,” said Patsy Boozer, chief information security officer at the city of San Antonio. “This doesn’t take the analyst out of the equation, but they focus on what they need to. It’s more about efficiency.”
The city has eight cybersecurity analysts responsible for more than 16,000 devices and accounts connected to the city’s computer network.
In August 2018, the city initiated a proof of concept and piloted the software. It had worked with an expert from Gartner, a global research and advisory company, to identify potential options on the market.
The plan is to use this software as the city’s internal system as it joins a shared cybersecurity center. San Antonio uses a nationally recognized cybersecurity framework to secure the city’s computer infrastructure.
“I wanted something with a graphical display, and if it was going to take a Ph.D. to use, that wouldn’t work,” Boozer said.
The software creates profiles of how computers and devices normally act on a daily basis, like routine traffic flow.
“It’s like having a security guard at a store. There is a normal pattern of people moving out of the doors with receipts in their hands and boxes. Then, when [the guard] sees somebody with boxes but no receipt, they flag it,” Boozer said.