How BalaBit adapted machine learning to secure privileged account 'blind spot'

In an unassuming building on the outskirts of Budapest engineers working for small Hungarian security firm BalaBit have spent the last three years working on technology its makers are convinced can contain one of cybersecurity's most intractable woes. In 2014 the relatively unknown firm launched a system called Blindspotter which, as its name suggests, gives its customers mostly in finance and telco sector buyers the ability to see things most networks barely acknowledge as existing let alone attempt to look for. Blindspotter is designed to watch what network users are doing in a lot of detail, a boon for organisations that worry about user credentials being abused, either deliberately from within by attackers who've somehow pilfered them. When used in conjunction with the firm's network proxy appliance, Shell Control Box (SCB), organisations suddenly have the ability to monitor their whole infrastructure using measurements of user behaviour rather than packets, ports and protocols. The system's real intrigue isn't what it does – cybersecurity is already chock full of network monitoring in different forms – so much as how it does it.