This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

BAE Systems Detica launches cyber event analysis tool

Share this article:

BAE Systems Detica is to launch a tool that combines Big Data analytics with event analysis and investigation tools.

Named CyberReveal, it said that the defence-grade product will take statistics from other technologies and process the events to spot anomalies and threats.

Speaking to SC Magazine, Dave Garfield, managing director for cyber security at BAE Systems Detica, said that this was intended to help solve the notion of built-up, complex solutions delivering event data that is unmanageable and unviewable.

He said: “We took a top-down approach, as there can be millions of events every day and a lot boils down to what you need to investigate by risk scoring. This is based on the way we deal with advanced fraud.

“The analytics are based on the threat model of the behaviour of attacks and we are looking for the symptoms and behaviour, and what you want to generate is a window during the investigation where you can see a targeted attack via a series of email attachments or a number of users visiting the same website.”

According to the company, CyberReveal processes billions of data records and gives analysts a single view of network activity across their whole IT estate, detecting attacks by their behaviour – not just by the signatures of previous attacks.

Asked how this can be done when so many attacks are designed to be stealthy or ‘fly under the radar', Garfield said that this is the business that BAE Systems Detica is in, and in the cyber space the tool looks at the point of entry.

“It is hard to say what is an indicator of a targeted attack. This [tool] will monitor, analyse and assist in the decision making to deliver better security and be efficient enough to do a proper investigation,” he said.

“What we want to deliver is a platform with advanced analytics that looks at everything and sits for five hours analysing. This is not a forensics tool, but a technology to aggregate form different sources.”

Martin Sutherland, managing director of BAE Systems Detica, said: “CyberReveal addresses four key areas where traditional approaches are proving ineffective against the modern cyber threat – helping analysts to prioritise the incidents they investigate, managing huge data volumes, evolving their defences in line with a rapidly changing threat environment, and enabling quicker, more informed decision making.

“This is the first time we're making our technology available for companies that have their own analysts. CyberReveal provides a unique ‘single pane of glass' for analysts by linking security event data information from across the entire organisation. It can show them where they need to focus their attention and piece together disparate data to give them the big picture – critical to defending against the most advanced and insidious cyber threats.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

SharePoint users break own security rules

SharePoint users break own security rules

Privilege controls can work, but cannot cater for all eventualities, says Quocirca analyst Rob Bamforth.

Heartbleed slows down the internet

Heartbleed slows down the internet

As Hearbleed slows down the internet, experts say that two-factor authentication may the way forward to protect our web sessions.

Biometric data collection sparks privacy debate

Biometric data collection sparks privacy debate

You could be implicated as a criminal suspect, just by virtue of having that image in the non-criminal file, says the Electronic Frontier Foundation (EFF).