Insider Threat Detection

Insider Threat Detection

As media outlets broadcast security breaches with household names like Target and Home Depot, hundreds of less-famous breaches are occurring every day. Most of these have one thing in common; they come from the inside. As a result, IT organizations and the industry at large are beginning to shift their threat mitigation strategies.

One such recent shift occurred when Microsoft drew attention to a small Israeli startup, Aorato. The promise of threat detection technology that sees insider behavior and identifies threats before a serious breach occurs led Microsoft to consider acquisition of this company without even a hint of revenue.

But while Aorato’s packet-sniffing-appliance approach is innovative, there is an alternative solution that may provide organizations with even greater visibility and a more seamless approach, true SIEM integration and the ability to block activities from occurring.

The StealthINTERCEPT® product from STEALTHbits Technologies is a security interception technology that installs a lightweight agent on Active Directory domain controllers. By installing on each domain controller, the entire network is covered without the need to reconfigure switches or place appliances in every data center.

StealthINTERCEPT provides real time insight into insider threats and alerts on unusual user behavior. Security professionals receive alerts for both administrative actions and user behavior that is out of the norm. Scenarios such as brute force attacks, horizontal movement of accounts, pass the hash and pass the ticket, sensitive account hacking, Active Directory security group modifications, GPO changes, unusual user login behavior and many other high-risk scenarios are detected using proven security interception technology.

As an IBM, HP, and McAfee partner, StealthINTERCEPT’s SIEM output provides insider threat intelligence to IBM QRadar, HP ArcSight, and McAfee Enterprise Security Manager, extending the value of these leading SIEM products and delivering insider threat intelligence for a single pane of glass view.

For more information on StealthINTERCEPT real time threat intelligence, contact STEALTHbits Technologies, www.stealthbits.com, (201) 447-9300.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.