Did you know? 70% of companies find out about breaches through their customers and third parties.
Your organization can improve its ability to detect possible security breaches, misconfigurations, and other issues with Varonis DatAlert.
Varonis DatAlert provides real-time alerting based on file activity, Active Directory changes, permissions changes, and other events by using behavior-based threat models to analyze and detect suspicious activity.
Varonis threat models uncover security issues quickly, and give context around metadata and what’s actually happening on your file and email servers, SharePoint, and Active Directory.
Their advanced behavioral alerts catch suspicious activity across every stage of a potential data breach: from initial reconnaissance to data exfiltration.
Alert criteria and output are easily configurable so that the right people and systems can be notified about the right things, at the right times, in the right ways.
Protect your data from the inside out
User Behavior Analytics (UBA) or User and Entity Behavior Analytics (UEBA) focuses on that interaction, and establishes a baseline of normal behavior – so that you know when something suspicious happens.
DatAlert Analytics analyzes and detects suspicious activity and prevents data breaches, using deep analysis of metadata, machine learning, and advanced UBA.
What can you do with DatAlert Analytics?
- Find things that don’t belong: exploitation tools, ransomware, crypto intrusion, and more
- Monitor for suspicious activity, including unusual access to sensitive data and abnormal user behavior and file activity
- Track attempts to damage system infrastructure
- Analyze policy changes, membership changes, and account modifications to protect against potential exploitation
- Get the benefits of professional security experts and data scientists continuously developing new threat models based on the latest attack vectors, APTs, and insider threats
Varonis UBA Threat Models utilize thresholds, statistical analysis and machine learning to trigger alerts on what looks unusual and uncover potential security issues.
These threat models allow you to detect and fight back against:
- Insider threats
- Outsider threats
- Malware activity (including cryptolocker)
- Suspicious behavior
- Potential data breaches
- Compromised assets
Common use cases:
- Monitor sensitive configuration files on Windows and UNIX/Linux servers
- Detect changes made outside of change control windows
- Alert on access to highly sensitive data
- Alert on privilege escalations
- Automatically disable user access based on the number of events that occur within a given time period by setting thresholds
Receive immediate notifications on:
- Files accessed, modified, and/or deleted
- Group membership, group policy and other Active Directory changes
- Permissions changes
Get alerts the way you want them:
- Syslog, Event Log, SNMP, Email
- Trigger command line execution
- Easily integrate with SIEM and network management solutions
- Generate alerts based on event thresholds