Product Highlights

Insider Threat Detection and Prevention

Identify and eliminate insider threats with ObserveIT.

90% of security problems are caused by people.
Source: Verizon Data Breach Investigations Report 2016

Insider Threat Detection

Uncover risky user activity by identifying anomalous behavior in real time.

Insider Threat Rules

  • Rely on hundreds of carefully calibrated, out-of-the-box Insider Threat Rules
  • Gain insight into 25 risk categories (all customizable by user group)
  • Categorize website visits and enable alerts based on risky activity

Insider Threat Intelligence & Reporting

  • Enhance security operations and regulatory compliance with detailed reports
  • Investigate and view information about any user’s activities

Secure Key-Logging

  • Detect inappropriate activity in real time
  • Trigger alerts  on sensitive keywords and commands typed
  • Detect data exfiltration attempts when users type protected keywords

Learn More

Incident Investigation

Investigate risky user activity in minutes—not days. Gain a comprehensive, 360-degree view into user behavior.

User Session Recording

  • Record user sessions for visual  playback of exactly  what happened, when, where, and why
  • Rich, user-centric metadata provides full context of any user session
  • Precise activity trails show every user action
  • Receive easy-to-understand alerts based on user activity
  • Easily search through captured sessions and get a breakdown of each user session

Learn More

Insider Threat Prevention

Reduce risk with real-time user notifications and blocking. Directly enforce company security policy—automatically and in real time—to promote security awareness and prevent insider threats.

Block Out-of-Policy Actions

  • Block user activities that breach security or violate company policies
  • Stop incidents before they can progress

Real-Time User Notifications

  • Warn users against proceeding with actions that violate policy
  • Notify users that policy violations will be recorded and reviewed
  • Reduce non-compliant actions by 80% with real-time warnings
  • Optimize security and IT processes by collecting user feedback

Learn More

Compliance

ObserveIT helps organizations meet appropriate compliance requirements across a range of frameworks.

Secondary Authentication

  • Require a secondary challenge-response for user using shared account IDs
  • Increase visibility into who did what, even when credentials are shared by team members
  • Secure shared accounts

DBA Auditing

  • Monitor SQL queries executed by DBAs against production databases
  • Capture SQL query activity
  • Review SQL queries performed by date and other criteria

Reporting

  • Generate basic reports from preconfigured templates
  • Produce flexible application usage reports and trend analysis reviews
  • Create comprehensive customized reports based on their own requirements
  • Aggregate or summarize  information about all monitored user activity

Learn More

User Privacy Protection

Anonymize user data to protect employee and contractor privacy, meet regulations, and  maintain trust with your users.

Anonymization Mode

  • Encrypt and obfuscate all personal user information
  • In anonymization mode, information remains hidden unless specifically
    requested and approved by an authorized administrator
  • Meet stringent privacy laws, including the EU General Data Protection Regulation

Learn More

Tool Integration

ObserveIT natively integrates with major SIEM tools, ticketing systems, log management applications, and more.

Integrations

  • Gain a holistic view of your organization’s IT security
  • Enable deeper insight into what’s going on across systems
  • Access ObserveIT data quickly via top SIEM & automation tools
  • Integrate ObserveIT insight into:
    • Splunk
    • HP ArcSight
    • IBM QRadar
    • LogRhythm
    • Securonix
    • Exabeam
    • ServiceNow
    • Lieberman

Learn More