Looking for partners that can help drive a new approach to managing security breaches, LightCyber unveiled a channel program aimed at solution providers that either already have or are looking to acquire additional security expertise.
Jason Matlof, executive vice president of LightCyber, said the LightCyber Channel Alliance program is designed to drive adoption of an Active Breach Detection offering to help make it faster and simpler for IT organizations to discover and isolate malware.
“Our assumption is that the organization has already been breached,” said Matlof. “We profile all the users and devices on the network to identify anomalous behavior.”
Sold only via the channel, the Active Breach Detection platform provides organizations with an alternative to using security information event management (SIEM) platforms to search through log files in the hope of discovering anomalies, Matlof said. In its place, the Active Breach Detection platform from CyberLight correlates user behavior with known attack vectors to identify potential security breaches faster and with a high degree of confidence.
One of the banes of IT security today, noted Matlof, is that many IT security products generate too many false positives. The end result is a continuous stream of alerts that the IT organization eventually starts to ignore because they end up wasting time on the IT security equivalent of a wild goose chase. Rather than generating alerts based on, for example, the existence of some type of binary file, the LightCyber Active Breach System correlates those events against known end-user behavior patterns.
To make it simpler to resell the Active Breach System or build a managed service around it, LightCyber provides access to a wealth of online training material that partners need to be certified on in order to sell the Active Breach System, said Matlof. In addition, LightCyber has created a portal through which partners can access marketing and sales enablement collateral.
IT organizations of all sizes these days are clearly struggling with security. Much of their efforts have been on trying to secure the network perimeter and the endpoints attached to it, However, the time may be coming when much of that focus shifts to containing, rather than preventing, breaches, given the fact that the latter task seems to be all but impossible.
Michael Vizard has been covering IT issues in the enterprise for more than 25 years as an editor and columnist for publications such as InfoWorld, eWEEK, Baseline, CRN, ComputerWorld and Digital Review.