Security | News

U Maryland Scrutinizes Computer Changes with Triumfant

• By Dian Schaffhauser
• 05/09/12

The University of Maryland Institute for Advanced Computer Studies (UMIACS) has put in place a program that monitors computers for changes to attributes in order to detect possible security breaches. Among the machines in use at UMIACS are those run by the Maryland Cybersecurity Center. The Institute, which promotes interdisciplinary research and education in computing across its College Park campus, is deploying Triumfant's Resolution Manager on about 200 machines in its operations.

Resolution Manager is intended to detect malicious activity that evades other security mechanisms. It does this by continuously monitoring for changes to registry keys, processes, services, event logs, security settings, hardware attributes, open ports, performance metrics, and system calls. That data feeds into an analysis in the context of the rest of the machine population, to gain a quick assessment about a given computer and identify whether or not the changes are anomalies and possibly malicious. The program then applies remediation for each detected attack.

"The University of Maryland's Institute for Advanced Computer Studies is partnering with Triumfant to improve our site's security with their anomaly detection and analysis software," said Fritz McCall, director of computing at UMIACS. "Our goal is to continuously audit the effectiveness of our preventative security measures and configuration management techniques. We are extremely excited about the possibilities. Triumfant has a unique focus on analyzing a wealth of system data and presenting it in accessible reports that can be easily analyzed by our administrators."