Citrix Blogs

Citrix Analytics unifies threat intel with Microsoft Security Graph

Citrix enables a user-centric approach to security. Sure it’s old news by now, but it still deserves analysis because of its security implications. SaaS is replacing many enterprise applications, and much of what’s left is being moved to and hosted in public clouds. And users themselves are ever more mobile, blurring the line between work and life and using multiple devices — personal and corporate-provided — to get work done.

In this environment, traditional perimeter-based security is no longer sufficient or even viable. At the same time, the enterprise need for security is all the more critical, and it’s important to balance user productivity and security. If you’re in charge of enterprise IT, how do you know that the user who logs in from anywhere, accessing your critical applications and content, is not compromised or is not a malicious insider? How do you react quickly to bad user behavior and prevent the loss of valuable information as soon as the behavior is detected?

Citrix technologies enable users to be productive anywhere, on any available device, while at the same time securing applications and content and providing complete control to the IT admin. This was realized through Citrix Virtual Apps and Desktops, is now extended by the Citrix Digital Workspace, and encompasses SaaS and Web-based content as well.

Citrix Analytics powers the Citrix Digital Workspace to form a secure envelope around the user. It gathers data that span applications, content, and networking to get a detailed view of user activity and employs advanced ML algorithms on the data collected to monitor user activity, flag suspicious behavior, and enable automated actions. This helps the security operations team to scale easily by filtering the signal from the noise and and to address real threats quickly.

Integration of Risk Indicators from Microsoft Security Graph

We are pleased to announce the integration of risk indicators from Microsoft Security Graph to augment data collected from Citrix portfolio products.

By ingesting security risk indicators and user and entity inventory from the Microsoft Security Graph API and integrating them with Citrix risk indicators, security admins have a unified threat intelligence view across their Citrix and MS portfolio. Combing the intelligence across the product portfolios will improve the breadth and accuracy of the signals as well as enable admins to take mitigative actions across both product portfolios, as shown below.

Citrix Analytics integrates Microsoft Security graph

Citrix Analytics is included as part of the Citrix Digital Workspace, and the Microsoft Security Graph integration is part of release 1.4. You can find more about the release and features here. Microsoft Security Graph API supports multiple security providers, including some partner providers. Check out the complete list of providers and alerts.

Will you be at RSA Conference 2019? Visit us at Citrix booth #961 to find out how Citrix works for you. Attend one of our theater sessions to stay ahead of the security curve.

Exit mobile version