Contact us and save even more if you meet these Big Deal qualifications.Purchase at least $5,000 worth of Hewlett Packard Enterprise products to qualify.
Note: We Are Unable to Sell this Product to Dealers. Provantage is authorized to only sell this product to a final purchaser or licensee that has acquired it for their own use and not for resale, remarketing or distribution.
Aruba's User and Entity Behavior Analytics (UEBA) solution, Aruba IntroSpect, detects attacks by spotting small changes in behavior that are often indicative of attacks that have evaded traditional security defenses. Aruba IntroSpect integrates advanced AI-based machine learning (ML), pinpoint visualizations and instant forensic insight into a single solution, so attacks involving malicious, compromised or negligent users, systems and devices are found and remediated before they damage the operations and reputation of the organization.
With a Spark/Hadoop platform, IntroSpect uniquely integrates both behavior-based attack detection and forensically-rich incident investigation and response at enterprise scale.
WHAT WE DETECT: SECURITY ANALYTICS USE CASES
IntroSpect provides 100+ supervised and unsupervised machine learning models focused on detecting targeted attacks at each stage of the kill chain:
Account Abuse
Account Takeover
Command and Control
Data Exfiltration
Lateral Movement
Password Sharing
Privilege Escalation
Flight Risk
Phishing
Ransomware
ACCELERATED INVESTIGATION & RESPONSE
From SysAdmins to Systems to Sensors - Providing Instant Visibility
IntroSpect Entity360 is key to reducing the time and effort required to understand, diagnose and respond to an attack. Entity360 provides a comprehensive security profile with continuous risk scoring and enriched security information - analysts would otherwise spend hours or days searching for and compiling months and years of security data down to the packet level. Entity360 provides:
Profiles for users, systems and devices
Access by SIEM, NAC systems, etc. via an open API
Pre-packaged incident response playbooks
Customer-measured 30 hours/investigation savings
Automatic detection of other entities impacted by the attack
THREAT HUNTING
Proactive threat hunting is easily accomplished with a powerful query interface, without the overhead of finding, searching, and summarizing isolated data stores.
Rich analytics to test threat hypotheses across any timeframe
Automated search of historical data using IOC's from STIX and custom threat feeds
Visualizations to highlight anomalies and significant interactions
Significant activity monitored and tagged to assist with both hunting and investigations
DATA SOURCES
The IntroSpect platform processes the broadest range of data sources, including: