It isn't possible to stay ahead of 'bad guys' when your monitoring is limited to 'known bad' behaviors. You need a system that can detect unknown attack profiles as they develop.
Prelert’s sophisticated behavioral anomaly detection techniques give you capabilities that you just can't get with rules and thresholds. How about monitoring large numbers of servers to get alerted when their normal network traffic ratios switch from consumer to producer? Or automatically knowing the normal behavior, across multiple parameters, of users accessing a resource and spotting significant outliers?
Leading digital marketing provider Responsys uses population analytics to quickly find employees who have inadvertently infected their PCs with malware.
Prelert automatically analyzes the PC network to find PCs that connect to rogue destinations that aren't typical.
A government agency analyzes DNS and proxy logs to prevent unauthorized use of agency infrastructure.
Without the need to define rules for specific text strings or URLs, Prelert identifies users connecting to undesirable sites.