What it is
A solution dedicated to environment monitoring in order to detect and send real-time alerts of any suspicious action performed with privileged credentials, allowing the security team to prevent an ongoing attack.
- Reduced response time to attacks;
- Automatic blocking of stolen privileged credentials;
- Visibility of threats associated with privileged accounts;
- Access to all information associated with the incident.
How it works
A list of suspicious commands and behaviors in the environment is classified according to the level of risk. Whenever risk are identified, alerts are issued and consolidated on a graphic dashboard. The information security team can therefore take immediate action if necessary.
- Graphic dashboards with risk and threat information;
- Alerts with detailed information about the occurrence of suspicious activity;
- Analysis of user sessions with record of abnormality in reports;
- Audit, command alert and blocking, even for privileged users;
- Recording of command input and output logs;
- Command scoring according to the level of risk of each command;
- Identification of lateral movement and privilege escalation;
- Sending suspicious activity alerts to SIEM/SYSLOG.
- Self-learning of operating machine history and user behavior to identify any change that represents a threat;
- Scoring, monitoring, alerting and command blocking based on whitelist and blacklist;
- Automatic response for detection of threats without human intervention.
Request a trial demonstration now and discover the benefits of senhasegura for your company: