Awake Security Unveils Advanced Security Analytics Solution Proven to Make Investigators 10X More Productive

Awake Security today announced the general availability of its advanced security analytics solution, the only offering to deliver deep visibility and answers to questions that cannot even be asked today. The solution’s patent-pending Security Knowledge Graph™ data model uses machine learning and data science to automate painstaking analyses expert investigators perform. In early customer deployments with Fortune 500 security teams, Awake has improved productivity tenfold, allowing teams to detect, investigate and hunt for threats that were previously missed.

The company also announced today that it has closed more than $30 million in funding from leading venture firms Greylock Partners and Bain Capital Ventures.

Awake’s advanced security analytics provide security teams the insights needed to immediately understand the scope and impact of observed behavior and investigate only credible alerts and threats. By cutting out cumbersome tasks during the investigative process, Awake enables analysts to focus on high-value security work, speeding the detection of insider threats, corporate espionage, lateral movement and data exfiltration. By capturing the knowledge and conclusions a security team develops while doing its work, Awake lets teams get better and more effective every day; facilitates collaboration, training and evaluation; and makes security work more rewarding.

“Security tools today generate massive amounts of alerts and data, but have utterly failed to account for how useful or contextual that data is to security teams. As a result, analysts have to manually connect the dots to hunt for threats, an exhausting process for even the most experienced investigator,” said Gary Golomb, Awake’s cofounder and a world-renowned investigator. “Awake is unleashing a new model for security operations by letting analysts explore devices instead of IP addresses, people instead of packets, data instead of protocols and activities instead of sessions. This empowers the analyst to target and stop the threats that truly matter.”

A Solution to Detect, Investigate and Hunt for Threats that are Currently Missed
Developed based on research with hundreds of security professionals and more than a dozen Fortune 500 and Global 2000 SOCs, Awake uses machine learning and data science to embody the expertise of the world’s foremost investigators in a broad-based analytics solution.

"From operations to stores to ecommerce, our digital strategy is transforming our business," said Richard Noguera, CISO at Gap, Inc. and an Awake Security design partner. "And security is foundational to our strategy. We are continuously looking at the latest techniques and technologies for rapid threat detection and response. Our partnership with the Awake team has allowed us to provide our feedback while engaging with world-class investigators and security professionals to help design and build their solution - a truly refreshing approach."

The Awake hybrid SaaS architecture has two key components: the Awake Analytics Hub that resides in an organization’s on-premises or cloud environment, and the SaaS back-end hosted in the Awake cloud, which provides operational monitoring, software upgrades and intelligence updates to each Analytics Hub. Awake’s advanced security analytics rest on a proprietary set of rich parsers that capture and process data requiring no integrations other than a simple network connection.

Awake then uses a multidisciplinary approach that leverages patterns, heuristics, and machine learning to build a patent-pending Security Knowledge Graph data model that automatically identifies and tracks real-world entities such as devices, users and domains. Analysts can then interrogate this model using a human-friendly vocabulary. The Security Knowledge Graph also captures the conclusions and discoveries made by team members, improving collaboration and training while preserving otherwise undocumented tribal knowledge.

The Security Knowledge Graph enables and is enriched by EntityIQ algorithms that surface notable entities within the model and cluster similar ones. Through the workflow-driven Awake user interface, EntityIQ can also predict the questions analysts are likely to ask, pointing them to the next investigative path quickly and effectively.

Awake’s ActivityIQ analytics correlate network traffic to entities in the data model and visualize the attack timeline as a victim would experience it and as a skilled investigator would piece it together. Awake thus eliminates the need to sift through raw data.

By offering the ability to accurately understand entities and associated activities in near-real time, Awake allows analysts to focus on high-value security work, including:

  • Network Traffic Analysis: Awake’s entity-centric view lets analysts see all network traffic, with devices fingerprinted and tracked across IP addresses. It offers insight into internet of things (IoT), BYO and other devices not discoverable with log or agent-based approaches. Watchlists created using Awake’s behavioral query language also help detect attacker activity that occurs after an initial compromise, which today often goes unnoticed.
  • Alert Investigations: Analysts can easily pivot from an alert indicator to a deep device understanding. This includes behavioral analytics about the device and analysis of similar devices for wider campaign analysis. By viewing consequential artifacts associated with the device, analysts know what questions to ask next.
  • Proactive Threat Hunting: Awake provides analysts with investigative starting points by highlighting notable entities exhibiting anomalous behavior. The rich and responsive user interface enables efficient hunting by allowing analysts to quickly filter and query the Security Knowledge Graph data model in real time, not just for indicators of compromise, but also for entity behaviors and activities.

“When it comes time for a security analyst to roll up their sleeves and dive into an incident, the flood of event information from security tools can be more distracting than helpful,” said Eric Ogren, senior security analyst at 451 Research. “The network doesn’t lie, so tapping into network data, automating the analysis and presenting it in a way that will help connect the dots in an investigation will make a significant impact in empowering analysts to more efficiently clear investigations.”

The Awake advanced security analytics solution is available immediately. For more information, please visit: http://www.awakesecurity.com.

About Awake Security
Awake Security provides the only advanced security analytics solution that delivers deep visibility and answers to questions that cannot even be asked today, improving productivity tenfold. The company’s patent-pending Security Knowledge Graph™ data model uses machine learning and data science to automate painstaking analyses expert investigators perform. It identifies and tracks network entities as humans think of them and highlights entity attributes, relationships, behaviors and activities. This enables analysts to proactively detect, hunt, investigate and respond to threats. Awake is built on a foundation of more than two years of research with hundreds of security professionals and more than a dozen security teams. The company is backed by Greylock Partners and Bain Capital Ventures and is based in Mountain View, CA. Learn more at http://www.awakesecurity.com and follow Awake on Twitter (https://twitter.com/awakesecurity), LinkedIn (https://www.linkedin.com/company/awake-security) and Facebook (https://www.facebook.com/AwakeSecurity/).

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.
