Automatic analysis of crucial actions.
The Threat Analysis feature is a solution dedicated to continuously monitoring the environment to detect and promptly alert on any suspicious activities executed using privileged credentials. This allows the security team to proactively prevent ongoing attacks.
• Significantly lower response time to attacks;
• Automatic blocking of stolen privileged credentials;
• Increased visibility into threats associated with privileged accounts;
• Access to all information associated with the incident.
Suspicious commands and behaviors are categorized by risk level. Upon detection of risks, alerts are generated and presented on a visual dashboard. This enables the information security team to take prompt action as needed.
• Graphic dashboards with risk and threat information;
• Alerts with detailed information about the occurrence of suspicious activity;
• User session analysis, with abnormalities recorded in reports;
• Audit, command alert, and blocking capabilities, even for privileged users;
• Recording of command input and output logs;
• Command scoring according to the level of risk of each command;
• Identification of lateral movement and privilege escalation;
• Suspicious activity alerts sent to SIEM/SYSLOG.