TECHNOLOGY

Real-Time Anomaly Detection at the Data Level

Identify and prevent security breaches in real time

Traditional Anomaly Detection Solutions Have Two Major Limitations

1. Anomaly detection solutions are typically deployed at the network or firewall level, rather than at the data-access level. This prevents them from detecting data requests that appear non-threatening at the access level but are malicious at the data level. And it is data that organizations must protect.
2. Many of today’s anomaly detection solutions do not operate in real time. They can help organizations discover hacking/intrusion and unauthorized access as part of a forensic investigation, but they do not enable a company to interrupt and prevent unauthorized access as it occurs.

Sotero Delivers These Anomaly Detection Advances

The Sotero data security platform provides two significant anomaly detection advances that enable organizations to detect and prevent cyber-attacks, ransomware attacks and other potentially nefarious behavior.

1. Anomaly Detection at the Data Level
Anomaly detection at the data level protects the actual assets that are the targets of malicious actors – the data. Granular access settings enable you to allow or restrict access and choose selective encryption for fields, rows, or parts of a dataset.

Role-based access controls (RBAC) allow you to control which users can see which data, right down to the field level. This protects data from unauthorized access, even from database administrators at your company or at your cloud provider who have direct access to the system but do not need to view the underlying data. Even if an attacker is able to break into the network, he or she is likely unable to get past the data level.

2. Machine Learning
Sotero anomaly detection employs a machine learning (ML) engine that recognizes and blocks intruders in real time, before unauthorized access is granted and a breach occurs. It replaces the rules-based approach with real-time machine learning to provide a context-based anomaly detection framework. Pattern protection algorithms enable the system to continually learn with every signal or event.