User-Centric Solution Enables Rapid Response to Breaches
September 17, 2014 10:00 AM
ObserveIT, a pioneer in user activity monitoring, has announced important new alerting and analytics features that enable security teams to instantly discover and respond to user-based threats. ObserveIT 5.7 also includes the company’s proven auditing and forensic capabilities, creating a complete user-centric security platform.
“User-based attacks – whether from hackers using stolen credentials, careless third-party vendors or negligent or even malicious insiders – represent the biggest security threat to traditional, infrastructure-focused security solutions,” said Paul Brady, ObserveIT’s CEO. “ObserveIT 5.7 provides security teams with a comprehensive solution that instantly identifies suspicious, abnormal or out-of-policy user activity, and provides conclusive evidence to identify the actual offender.”
The analytics engine in ObserveIT 5.7 continually analyzes user activity to alert security teams to any behavior that is out of role, suspicious or violates a company’s policies. The analysis engine provides an intuitive and easy-to-configure rule engine, enabling security teams to tailor analytics and alerts to their specific needs. ObserveIT sends these alerts directly to IT security staff or integrates them into a company’s existing event management and incident response workflow. Alerts are integrated throughout the product and are even overlaid into ObserveIT’s visual playback of user activity, providing security teams with a video-like replay of the exact actions that produced an alert.
While security personnel spend time protecting against external attacks, they’re often missing the biggest source of data breaches: user-based attacks (account hijacking, stolen passwords, careless third-party vendors or insider threats).
“Security professionals understand that timing and context are key for incident response and remediation,” said David Monahan, Director Security and Risk Management, Enterprise Management Associates. “The new alerting, analytics and SIEM integration capabilities in ObserveIT 5.7 address both of these needs. These features move ObserveIT from primarily a forensic response tool to a detection solution with forensic capabilities.”
Also new in ObserveIT 5.7:
- HP ArcSight Integration: Native integration with HP ArcSight generates Common Event Format (CEF) security information and event management (SIEM) log files. Incorporating ObserveIT user activity and alert data within ArcSight is seamless and effortless, and provides direct links to relevant portions of user session video recordings and activity alerts.
- Greater Control of Unix/Linux Recording and Logging: New data recording policy for Unix/Linux systems gives administrators greater control of how much data is recorded during user sessions, and how much memory is used.
- New Platform Support: ObserveIT 5.7 includes support for user activity monitoring on 64-bit Debian 6 and Debian 7 machines.
ObserveIT, a pioneer in User Activity Monitoring, provides a new user-centric approach to IT security to address the fastest growing security threat, user-based attacks. ObserveIT provides screen-recording technology to capture all user activity and converts it into a video playback that is easy to review and understand. Our visual interpretation technology turns these video recordings into User Activity Logs that our solution makes easy to search, analyze, audit and alert on.
ObserveIT is currently in use in more than 1,200 companies in 70+ countries.