Introducing ObserveIT 7.0

ObserveIT has released its next major version 7.0. The company’s mission has always been to identify & eliminate insider threat by focusing on what the user is doing vs what a system or a computer is doing. The 7.0 release reflects this ideology by enhancing its user interface, bolstering its detection capabilities, adding preventative controls, and providing insight with user analytics.

New User Interface

ObserveIT 7.0 introduces a fresh feel and makes the already seamless UI even easier to use. You can now easily pivot between threat dashboards and investigational tools making identifying and investigating user activity more streamlined than ever before.

7.0 User activity feed

screen shot of ObserveIT 7.0 User activity feed

7.0 Insider Threat Dashboard

ObserveIT 7.0 Insider Threat Dashboard

User Activity Profile (UAP)

With the advent of the User Activity Profile, Security and IT teams can traverse the threat landscape of the user’s machine by analyzing active time spent on websites, newly installed applications, machine access, account usage, and much more.

ObserveIT 7.0 User Activity Profile

This view delivers a better understanding of what users typically do and provides the intel and insights administrators need on specific user activity.

Keylogging Alerts

Highly requested, from ObserveIT’s 1500 client install base, came the idea of keyword alerting. This technology enables the ability to detect sensitive keywords being typed into applications and command line tools. ObserveIT can now stay even more vigilant on users with access to critical data. For example, someone keying a lucrative project name, someone google searching a high-profile client name, or someone researching how to access the dark web. This type of activity can now be easily spotted, tracked, and honed in on ensuring you have full visibility into users with the highest level of access within your organization.

ObserveIT 7.0 Kelogging Alerts

Preventative Actions

ObserveIT now offers the ability to automatically block specific user actions. Customers can leverage the ObserveIT insider threat library of more than 200 rules; when triggered, ObserveIT can be configured to shut down an application or log a user out of a system. Security and IT teams can even customize their own specific rule logic to put these control sets in place.  For example, they could set up a rule to block privileged users from running portable applications.

Simply follow ObserveIT’s logic of who, did what, on which computer, when, and from where:

ObserveIT 7.0 Preventive Actions

ObserveIT then stands guard against out-of-policy user behavior:

ObserveIT 7.0 Preventive Actions II

Customers can take advantage of the power of user analytics and preventative controls as well as a wide range of other insider threat mitigation tools. To learn more about ObserveIT 7.0, check out a quick video on the Top 4 Features of this release. If you have not already, try ObserveIT out for yourself with a 15-day free trial here.

Leave a Reply

Archives

Categories