Automatic analysis of crucial actions.
What it is
A solution dedicated to environment monitoring in order to detect and send real-time alerts of any suspicious action performed with privileged credentials, allowing the security team to prevent an ongoing attack.
Request a demo with an expert and understand what your business needs
Reduced response time to attacks;
Automatic blocking of stolen privileged credentials;
Visibility of threats associated with privileged accounts;
Access to all information associated with the incident.
How it works
A list of suspicious commands and behaviors in the environment is classified according to the level of risk. Whenever risk are identified, alerts are issued and consolidated on a graphic dashboard. The information security team can therefore take immediate action if necessary.
Graphic dashboards with risk and threat information;
Alerts with detailed information about the occurrence of suspicious activity;
Analysis of user sessions with record of abnormality in reports;
Audit, command alert and blocking, even for privileged users;
Recording of command input and output logs;
Command scoring according to the level of risk of each command;
Identification of lateral movement and privilege escalation;
Sending suspicious activity alerts to SIEM/SYSLOG.
- Self-learning of operating machine history and user behavior to identify any change that represents a threat;
- Scoring, monitoring, alerting and command blocking based on whitelist and blacklist;
- Automatic response for detection of threats without human intervention.