|
||||
|
|
|
|
ActiveSentry Authentication is the primary means of establishing trust in the digital world, however, this trust is left largely unchecked. As fraud and data theft continues at an alarming rate, such authentication schemes are insufficient as illustrated by the volume of breaches that involve a valid credential. The primary challenge is that today's security models associate trust with authentication, leaving organizations to assume users will not violate security polices, accidentally or maliciously. ActiveSentry provides activity verification which evaluates activity for inappropriate behavior making enterprise security much more transparent. ActiveSentry accomplishes this by auditing a host of user activities including application interactions, clipboard activity, data entry, file activity, and even screen captures. Such activities are used to build up a historic record, or chain of activity. When a triggering event such as a file written to a thumb drive, a transaction is conducted, or an email is sent, this historic context is compared against a library of rules and pre-established patterns of behavior to determine if the activity presents a risk. Using patterns of behavior provides a high degree of qualification, largely eliminating false positives that have plagued solutions such as data loss prevention technologies. For instance a 9 digit number that is emailed externally may be any random piece of data, or it may be a social security number. With ActiveSentry's historic context it can go "back in time" and identify if this particular string is was actually pulled out of a core system or other sensitive repository, qualifying the event as high risk. Further, ActiveSentry is one of the only solutions that can actually catch malicious attempts to manipulate data on its way out of sensitive systems. ActiveSentry is the first solution to:
|
