Behavioral analysis used to predict cybersecurity threats
Internet of Things security specialist ZitoVault has patented a new means of predicting upcoming cybersecurity events.
While most existing approaches only address the real-time detection of threats or anomalies based on a limited set of pre-established data points, ZitoVault's latest patent uses a new approach.
It defines how to correlate a broader array of behavioral data, including third-party data, social media, phone, text and email activity, context of searches within and outside of corporate domains, financial data, travel history and changes in HR status. The system provides a software architecture for linking users to events and to other users by partitioning the data into working units that can be processed across a distributed network of virtual hosts without losing associated context.
It also defines how to automate many of the aspects that a human investigator would use to collect independent data points. This differs from anomaly-based detection systems in that it’s based on threat storylines and actor profiles instead of on detecting the variance from predetermined data points. The new patent offers a graph-based approach via semantic networks to compare event inputs from multiple log channels against threat profiles and game theory to predict future outcomes.
"ZitoVault's patent for behavioral analysis is a huge milestone and an excellent addition to our growing portfolio of patented cybersecurity solutions," says Tim McElwee, CEO and founder of ZitoVault. "We've seen growth in both the use of cloud-based infrastructure and in the number of endpoints accessible to hackers, which is why we’re continuing to innovate outside of our existing technology and patents to offer best-in-class threat prediction and security."
The technology has been licensed by the CyberSight security intelligence platform to enable it to better predict and proactively remediating cyberattacks before they materialize.
"As the methods hackers use have become increasingly more complex and varied, it’s no longer enough to detect and block a ransomware attack in real-time. The ability to predict attacks before they happen has become crucial," says Hyder Rabbani, COO of CyberSight. "We're excited to add ZitoVault's patented behavioral analysis method for predicting impending security threats to our next generation threat detection platform."
Image credit: Tashatuvango / Shutterstock