Sandy beaches around the world capture an incredible amount of treasure—jewelry that gets lost and seemingly swallowed up by the sand.
Eventually, someone with a metal detector will find it, but the discovery is too late to help the person who lost his treasure.
Until now, the approach to the insider threat has gone about like that. When the seriousness of it is discovered, the damage is already done.
Which is why a new company built by InfoSec veterans has just emerged onto the cybersecurity scene.
“We didn’t want to rely on third-party logs that security teams analyze after the fact; we wanted to address this problem properly, end to end, which includes the ability to stop it as it is happening.”
“It’s a tricky one because at its core, it’s a people thing,” says Mustafa. “It’s actually people doing mundane things 99% of the time, but every now and then, they do something weird. Maybe they don’t know the security policies in place, it could be an error, or it could be downright malicious.”
We spent time with the Jazz Networks team at RSAC in San Francisco, where they officially launched the company.
They tell SecureWorld that their big data and machine learning teams have created an agent-based system that gets down to the kernel level. Some 50 sensors detect what is going on in a network and on devices. The data develops a baseline for user behavior but remains easy to use and threat hunting is simplified as well.
“For instance, I’m out at a Starbucks. I’m sticking a USB into a laptop that has a problem. It could look like anomalous behavior based on the sensors that we have and would drive the threat alert up. Because our dashboard is so intuitive, the everyday security analyst can see a person that might be a high threat to the company.”
That’s Larry Satterfield, the company's Global Sales Lead.
“Once we’ve identified a potential risk our solution can take real-time action. It can be just a speed bump, sending a message to the person asking, ‘Is this you?’ to verify. ‘And if it is you, do you know you’re out of policy right now?’ It’s powerful to have them know someone’s watching. And we have the ability to isolate that machine and lock it out or stop the action in process right there and right then.”
One question we love exploring with every cybersecurity company is how the company was named. All of them agree on one element: the .com version of their name must be available. That alone can make or break an idea.
But beyond that, stories diverge. And here’s how Mustafa describes his company's naming journey.
“We spent a week coming up with names. The names were pretty bad, very geeky. So we called a marketing friend of ours for help, and we ended up going for Jazz Networks. People already have mind-share for jazz. It’s also a creative exercise, it’s about people collaborating, tag teaming and playing off each other. And it’s impossible to misspell!”
Tackling the insider threat problem in a new, real-time way and easy to spell.
Now that sounds like a company with some serious potential.