BlackRidge Technology Delivers New and Unique Identity Attribution Product to Help Detect Insider and Third Party Security Threats

Share Article

BlackRidge App for Splunk Enhances Security Analysts’ Ability to Quickly Identify Compromised or Rogue Users, Handle Exceptions, and Respond to Potential Breaches

News Image
The ability to provide identity attribution for unauthorized network access is another unique aspect of BlackRidge Technology that further places them in the first rank of emerging enterprise security technologies.

Today, BlackRidge Technology, the leader in identity-based network and cyber security, announced the BlackRidge App for Splunk® to provide real-time identity attribution for detecting insider and third party security threats. BlackRidge adds a new layer of real-time security protection that cloaks and protects servers before a network connection is established, using our patented First Packet Authentication™ technology.

“BlackRidge Transport Access Control authenticates identity and applies policy on the First Packet of network sessions, removing visibility of resources from unauthorized users while stopping known and even some unknown attacks and breaches from occurring,” said John Hayes, CTO and Founder of BlackRidge Technology.

The BlackRidge App for Splunk provides identity attribution for such threats, thereby helping CISOs to:

  • Identify compromised or rogue insiders and third party vendors.
  • Gain key insights to help with remediation.
  • Meet requirements for security controls, audits, and regulatory compliance.

Key features of the BlackRidge App for Splunk include:

  • Prioritizing the top real-time network security events from BlackRidge raw messages including unauthorized access events.
  • Providing a predefined set of dashboards to visualize the top 10 identity attribution events for the past day, week and month.
  • Generating real-time alerts with identity attribution of unauthorized network connections attempts to protected resources.

Key benefits from using the BlackRidge App for Splunk include:

  • Identifying unauthorized access that can help in identifying compromised or rogue users, handling exceptions, and responding to potential breaches identified by Splunk Enterprise.
  • Reducing risk from insider threats (third party vendors and partners) on your network by identifying, alerting on, and preventing unauthorized resource access.
  • Supporting audits and regulatory requirements pertaining to security controls and providing attribution information for compliance and forensic analysis.

“The ability to provide identity attribution for unauthorized network access is another unique aspect of BlackRidge Technology that further places them in the first rank of emerging enterprise security technologies. Identifying compromised or rogue insiders and third party vendors is a top operational priority for CISOs – the combination of BlackRidge and Splunk can help with this need,” said Mark Graff, Founder/CEO of Tellagraff, LLC.

Gorka Sadowski, Director of Global Strategic Alliances, Security Markets at Splunk, noted “The BlackRidge App for Splunk extends the Splunk Enterprise platform helping enable end-to-end security context across the entire organization. This in turn helps SecOps and SOC analysts when hunting for and linking events to compromised systems or rogue insiders and third party vendors.”

BlackRidge TAC Gateway App for Splunk is generally available to Splunk customers at no extra charge, and can be downloaded from Splunkbase at: https://splunkbase.splunk.com/app/2993/

For more information, visit http://www.blackridge.us.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Kim Plyler
SahlComm
+1 484-554-5582
Email >