Detecting Anomalous Behavior: A New Strategy
ThreatTrack's Choudhary on How to Attain Real-Time Visibility
A huge part of fraud prevention is being able to detect anomalous behavior on your network. But to do so, you first need to know what normal behavior looks like. Usman Choudhary of ThreatTrack discusses how to create that network baseline.
To create this critical baseline, ThreatTrack helps customers classify their network traffic and create a profile of every host and device on the network.
"This in effect shows ... how services are being consumed and how services are being provided in a particular environment," says Choudhary, Senior Vice President and Chief Product Officer for ThreatTrack. "We keep track of all the activity and continue to update this baseline. This is what we mean by network traffic analysis and anomalous behavior in that context."
Now, there are different stakeholders in a given organization monitoring for different activity - it could be specific transactions or surges in traffic - but often they are looking at the very same anomaly, Choudhary says.
"It is the same anomaly that could be causing this disruption, but just manifesting itself differently," he says. "It all comes down to providing the relevant context for the right abstractions."
In this audio interview, Choudhary discusses:
- The baseline necessary for monitoring anomalous behavior;
- Common attack indicators;
- The roles of non-IT stakeholders in effective monitoring.
Choudhary is an accomplished information technology executive with more than twenty years of leadership experience in delivering innovative software products and technology solutions. He currently serves as Chief Product Officer for ThreatTrack Security, a company that specializes in helping organizations identify and stop Advanced Persistent Threats. As Chief Product Officer, he is responsible for defining and executing the company's product development strategy and driving new cybersecurity innovations.
He leads teams responsible for the creation of new advanced threat defense technologies and security solutions, and oversees the company's managed security service provider (MSSP) strategy. Prior to ThreatTrack, Choudhary was responsible for shaping the security strategy and developing products for automating insider threat and breach detection at NetIQ, Novell and e-Security.