Real-Time Analysis of CIAM Event Data in Any SIEM System Offers Earlier Detection and Response to Wider Swath of Suspicious Activity
Janrain, the company that pioneered the Customer Identity and Access Management (CIAM) category, announced it is the first CIAM provider to deliver universal integration with major Security Information and Event Management (SIEM) systems such as IBM QRadar and others to provide Security Operations Center (SOC) analysts with early detection and response to a wider swath of suspicious activities and possible security threats.
Compromised or fake user accounts are used by hackers to launch data breaches, leaks, fraudulent transactions and other malicious activities that can result in massive fines, remedial actions, lost customers and damaged brands. The faster and more comprehensively an organization can monitor its data streams, pick out suspicious signals from the noise and act on those signals, the less the organization and its users are exposed.
SIEM platforms alert an organization’s SOC when suspicious event-based activities are detected on the network and within the application stack to help them immediately respond to brute force, fraudulent and other intrusion attempts. Janrain is now making its event data available in a format that SIEM programs can instantly consume and analyze. By combining Janrain’s data with the network traffic, server logs and other data ingested by their SIEM or log analysis platforms, clients see a higher signal-to-noise ratio thanks to the ability to look in real time at user activities related to registration, login/logout and profile modifications such as password resets, password and email changes, and even back-end configuration changes.
“Customer identity should be a central pillar in any security conversation since user accounts are often what’s hijacked by hackers to gain access to customer data. While the Janrain Identity Cloud already monitors for threats in real time with a wide variety of security and compliance-ready features, Janrain’s SIEM Integration gives customers the ability to bring a wider variety of event data points into their own SIEM platform for a much more holistic approach to cybersecurity and risk management,” said Tim Gasper, Director of Product Management, Data and Analytics, Janrain.
With Janrain SIEM Integration, clients can easily track the registration and login events associated with their metadata, including IP addresses, registration, login, authorization, user behavior analytics and other Janrain data across all Janrain-connected websites, mobile applications and identity integrations. The event data Janrain provides is streamed to the SIEM system in real time or, optionally, in batch mode, and can be processed through data visualization and other tools.
Chris Meenan, Director of Strategy, IBM Security, added, “Adding real-time CIAM login data into IBM QRadar gives our clients another critical data source for their security intelligence platform. With Janrain’s data included in our consolidated log event and network flow information, Security Operations Center analysts can save time with a single streamlined view that separates false positives from real security offenses as they occur.”