CST: 22/10/2016 20:20:21   

Balabit's Blindspotter Extends Behavior Analysis With Biometrics

234 Days ago

Balabit Showcases Technical Demo of Blindspotter With Biometric Analysis of Keystroke Dynamics and Mouse Movements at RSA Conference 2016 Booth #N4608

NEW YORK, NY and SAN FRANCISCO, CA--(Marketwired - Mar 2, 2016) - Balabit (www.balabit.com), a leading provider of contextual security technologies, best known as "the creator of syslog-ng" today announced the release of Blindspotter version 2016.03 at the RSA Conference in San Francisco. The new version of its User Behavior Analytics (UBA) solution features several new and unique machine learning algorithms that help security teams to quickly identify hijacked accounts or discover forbidden account sharing, thereby avoiding large-scale data breaches or compliance problems. Blindspotter not only reveals previously unknown threats, but also precisely visualizes them, enabling organizations to dramatically reduce the time to discover, investigate and respond to insider and outsider threats.

"Besides the existing set of several sophisticated machine learning algorithms, the new release of Blindspotter further improves behavior analysis by adding the capability of detecting scripted activity on accounts and by performing a biometric analysis of keystroke dynamics and mouse movements," said Péter Gyöngyösi, Product Manager of Blindspotter at Balabit. "Blindspotter enables CIOs and CSOs to get a comprehensive, unique visualization of their IT ecosystem. Gaining a better understanding on how IT services are used by specific users or user groups, IT professionals can get immediate, actionable and tangible insight. Overall, Blindspotter improves IT decisions, helps optimize IT resources and business efficiency."

Key new features of Blindspotter 2016.03:

  • Detection of system accounts used by humans and personal accounts used by scripts
    System accounts used by humans, shared accounts and personal accounts used by scripts are typical red flags of potential security risks for the company. When an attacker gains access to stored credentials used by a script, particularly if those are the credentials of a privileged account, this can lead to a large-scale data breach. Blindspotter is able to distinguish between human and automated activity and allows the security team to discover the misuse of personal or service accounts.

  • Screen Content Analysis
    Based on the technology of Shell Control Box, Balabit's market leading activity monitoring solution, Blindspotter has already been able to analyze commands issued in SSH and Telnet administrative sessions and find potentially risky activities. In version 2016.03, this capability is extended to Windows users (including both privileged and business users) using the Remote Desktop Protocol (RDP). By analyzing the textual content seen in graphical protocols on the screen, hijacked accounts and malicious insiders can also be found in a mainly Windows-oriented environment.

  • Biometric analysis of user input
    The way we interact with our computers is part of our digital fingerprint and the dynamics of our keystrokes and our mouse usage patterns identify us just as well as our signature does. With this latest version, Blindspotter is able to analyze keystroke and mouse movement patterns and identify cases when an account is used by someone else, other than the authenticated user. Biometric analysis provides a new way of authentication: on one hand, it relies on something the user is instead of something they know or something they have. Also, instead of a one-off authentication at the beginning of the session it provides a continuous verification of identity. The new features help security teams to quickly identify hijacked accounts or discover forbidden account sharing even if attackers managed to pass the first line authentication -- thereby avoiding large-scale data breaches or compliance problems.

Blindspotter, a key component of Balabit's Contextual Security Intelligence (CSI) Suite Blindspotter is integrated with the company's leading system and application Log Management and Privileged User Monitoring tools and is able to ingest data from various additional sources such as leading SIEM and IAM solutions, LDAP/AD information, cloud apps and other data sources. Working in conjunction, the CSI Suite helps save costs, provides value for compliance audits and support business continuity by Security Risk Assessment and Policy Enforcement.

Infographic: Why do companies need User Behavior Analytics?

For more information about Blindspotter and its recent Awards, please visit

About Balabit
Balabit -- headquartered in Luxembourg -- is a leading provider of contextual security technologies with the mission of preventing data breaches without constraining business. Balabit operates globally through a network of local offices across the United States and Europe together with partners.

Balabit's Contextual Security Intelligence™ strategy protects organizations in real-time from threats posed by the misuse of high risk and privileged accounts. Solutions include reliable system and application Log Management with context-enriched data ingestion, Privileged User Monitoring and User Behavior Analytics. Together they can identify unusual user activities and provide deep visibility into potential threats. Working in conjunction with existing control-based strategies Balabit enables a flexible and people-centric approach to improve security without adding additional barriers to business practices.

Founded in 2000 Balabit has a proven track record including 23 Fortune 100 customers amongst over 1,000,000 corporate users worldwide.

For more information, visit www.balabit.com.

Media Contact:
Dan Chmielewski
Madison Alexander PR