This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

BAE Systems Detica launches cyber event analysis tool

Share this article:

BAE Systems Detica is to launch a tool that combines Big Data analytics with event analysis and investigation tools.

Named CyberReveal, it said that the defence-grade product will take statistics from other technologies and process the events to spot anomalies and threats.

Speaking to SC Magazine, Dave Garfield, managing director for cyber security at BAE Systems Detica, said that this was intended to help solve the notion of built-up, complex solutions delivering event data that is unmanageable and unviewable.

He said: “We took a top-down approach, as there can be millions of events every day and a lot boils down to what you need to investigate by risk scoring. This is based on the way we deal with advanced fraud.

“The analytics are based on the threat model of the behaviour of attacks and we are looking for the symptoms and behaviour, and what you want to generate is a window during the investigation where you can see a targeted attack via a series of email attachments or a number of users visiting the same website.”

According to the company, CyberReveal processes billions of data records and gives analysts a single view of network activity across their whole IT estate, detecting attacks by their behaviour – not just by the signatures of previous attacks.

Asked how this can be done when so many attacks are designed to be stealthy or ‘fly under the radar', Garfield said that this is the business that BAE Systems Detica is in, and in the cyber space the tool looks at the point of entry.

“It is hard to say what is an indicator of a targeted attack. This [tool] will monitor, analyse and assist in the decision making to deliver better security and be efficient enough to do a proper investigation,” he said.

“What we want to deliver is a platform with advanced analytics that looks at everything and sits for five hours analysing. This is not a forensics tool, but a technology to aggregate form different sources.”

Martin Sutherland, managing director of BAE Systems Detica, said: “CyberReveal addresses four key areas where traditional approaches are proving ineffective against the modern cyber threat – helping analysts to prioritise the incidents they investigate, managing huge data volumes, evolving their defences in line with a rapidly changing threat environment, and enabling quicker, more informed decision making.

“This is the first time we're making our technology available for companies that have their own analysts. CyberReveal provides a unique ‘single pane of glass' for analysts by linking security event data information from across the entire organisation. It can show them where they need to focus their attention and piece together disparate data to give them the big picture – critical to defending against the most advanced and insidious cyber threats.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

'Sophisticated' Chinese hackers launched attacks against 43,000 computer systems

'Sophisticated' Chinese hackers launched attacks against 43,000 computer ...

A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.

Hackers smuggle out stolen data disguised as videos

Hackers smuggle out stolen data disguised as videos

Around a dozen organisations, including at least one financial sector company, have been hit by a new form of hacking where attackers hide stolen corporate data inside video files that ...

White House breached: Russian hackers suspected

White House breached: Russian hackers suspected

Russian hackers are allegedly behind a breach at the US President's office, while Russia's BlackEnergy malware has been used to attack US SCADA system suppliers.