The security intelligence technology platform aims to enable both automated threat discovery and incident investigation.
Security vendor Niara officially exited stealth mode today, providing details on its security intelligence technology platform. Niara has raised a total of $29.4 million in funding, including a $20 million Series B round led by Venrock and with the participation of New Enterprise Associates and Index Ventures that was announced on April 12.
Niara's technology makes use of big data security analytics to help organizations defend themselves against modern IT threats, according to CEO and co-founder Sriram Ramachandran.
"The Niara Security Intelligence solution gets deployed into an existing ecosystem of all the different security tools," he said. "We pick up where those other tools leave off."
Security risks that are well known and well understood by existing technologies are not the focus for Niara, Ramachandran said. Rather, Niara's technology looks in the gray zone, where determining risk and threat is somewhat more challenging. The threats Niara is aiming to discover often are multistage attacks that happen over time and aren't typically easily identified as either good or bad traffic, he said.
The Niara platform aggregates and correlates data over time that represents the activity of a user, application or a device in an organization. The behavior of the user, application or device is observed over time to help potentially expose the risk of a sophisticated threat.
"We are building analytics and forensics into a single unified system, and that's our core innovation," Ramachandran said.
The Niara Security Intelligence solution can run either in the cloud or on-premises at a customer location. Ramachandran said that Niara can take in multiple forms of data, including systems logs and network flows. Niara has its own packet processor that can read from a network port or from an existing packet recorder technology that an organization might have, he added.
Niara provides its users with a Google-like dashboard to more easily expose information about an entity in an organization, according to Ramachandran. With Google search today, many popular search terms will also bring up a synopsis of key facts, making it easier for a user to consume the information.
"In our system we collect all the information we have, including timelines, analytics and forensics, into something called the entity 360 view," he said. "Users get a rich visual panel for each entity."
The entity 360 provides a threat score for a given item that can help determine risk, Ramachandran added. Each item that contributes to a threat score for an entity can be exposed for greater detail so a customer can drill down to the packet level.
The idea of providing greater visibility into activities across an organization for security purposes is one that a number of vendors are now chasing. Security vendor LightCyber, for example, announced in May its new breach technology that is able to correlate network traffic with endpoint processes.
Generally speaking, Ramachandran said, Niara differentiates itself from others in the market by delivering both automated threat discovery and human-assisted threat discovery. In addition, with its forensics capabilities, Niara can provide incident investigation and response capabilities, he added.
Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.