Behavior Analysis
Identity Intelligence
- Visual trend analytics on user behavior including authentication patterns, application usage habits, etc.
-
Pin point high risk users based on machine learning and clustering of peer behavioral patterns.
-
Constantly monitor high-profile users by adding them to the ‘Watch List’, and prioritize alerts on activities of Super Users.
Asset AutoDiscovery
-
Automatically discover all devices across your entire network, providing insight into device type and OS, plus validation of whether devices are managed or unmanaged, and whether endpoint security is installed.
-
Use anomaly detection technology built on advanced machine learning, to learn and profile the organization’s unique behavior, and alert in real-time on threats that are specific to your network.
-
Visualize device connectivity within your network, and identify whether a device is communicating over the right protocols, with the right port numbers.
Find. Monitor. Alert for Anomalous Behavior.
You may take your eyes off your network, but rest assured we won’t. With the dynamic nature of the network environment, it is fundamental to continuously monitor and collect real-time data across systems, to adapt your security program and better protect the business.
LinkShadow allows you to classify nodes through automated discovery of the entire IT infrastructure within the enterprise, to ensure all assets are protected and up-to-date for the compliance audit. Drill down into the details to answer critical questions around how many systems are managed and unmanaged in your network, do they have endpoint security or not, and what is the type of device.
Threat Shadow
See. Detect. Flag threats in real-time.
ThreatShadow presents CISO with an overall compilation of AI from all the Machine Learning algorithms built into the system, allowing CISO to focus on real threats that matter. ThreatShadow helps CISO draw the line between false positive and critical incidents. Using intelligent threat scoring and collective profiling of entities and users, ThreatShadow identifies risks taking place in the environment right now and presents CISO with visual representation indicating where did the risk originate from as well as where is it heading to in case the threat is laterally moving across the network and assets.
ThreatShadow allows CISO to cross compare the current environment situation with previous dates to verify if certain threats are persisting across time. This feature helps CISO identify the most vulnerable assets and users as well as evaluate the efficiency of other security systems such as firewalls and end-point security.