RISK MANAGEMENT & HIGH RETURN

주식회사 리마는 최고의 글로벌 정보보안 제품을 국내 고객들에게 제공하고 있습니다.

ObserveIT

User Monitoring Insider Threat Detection User Activity Scoring Indicator

Checkmarx

Best Fix Location Incremental Scan Rule Customizing

Consulting

Compliance Source Code Diagnostic Evaluation Flexible Reports

제조사 기술 백서

ObserveIT

Introducing ObserveIT 7.5: A Modern Approach for a Post-DLP World

Introducing ObserveIT 7.5: A Modern Approach for a Post-DLP World

3 New Capabilities Introduced in ObserveIT 7.5

1. Gain Greater Visibility into Web Applications

A key aspect of any effective insider threat program is gaining visibility into the activity of contractors, third-party developers and employees to prevent the loss of sensitive intellectual property. This release provides security analysts with granular visibility into activity on sensitive IP stored in web-based systems of record, such as:

  • SharePoint
  • WorkDay
  • SalesForce.com
  • …and much more.

ObserveIT’s lightweight user-mode agent can track activity such as renaming, deleting, copying or moving data downloaded from web apps, without requiring any additional browser plugins and across all platforms. Legacy DLP players require both browser plugins and kernel-level agents for visibility into web applications — an approach that’s heavy on the endpoint resulting in end user experience suffering, mounting user frustration, and a solution that is difficult to deploy and maintain.

With ObserveIT, security analysts can leverage a robust insider threat library of 300+ common insider threat indicators, built based on CERT research and input from our more than 1,700 customers. Alternatively, customers  can configure their own indicators to trigger real-time alerts when the movement of sensitive IP is detected within the organization.

2. Prevent Exfiltration of Sensitive IP to the Web

We frequently hear prospects are most concerned with web-based exfiltration of sensitive IP. With version 7.5, we’re continuing to invest in a broad range of data exfiltration use cases. While traditional DLP and CASB vendors require browser plug-ins and API-based integrations limited to a handful of SaaS applications, ObserveIT’s user-mode agent provides end-to-end file activity monitoring, along with real-time alerting for data exfiltration attempts to any web application, including:

  • Email apps such as Gmail and Yahoo Mail
  • Social media sites, including Facebook and Twitter
  • Cloud storage solutions such as DropBox and WeTransfer
  • and many more.

Detect Data Exfiltration

3. Access APIs + Integrations in Our Developer Portal

ObserveIT is deeply integrated within the security fabric of organizations, with native integrations into top software and systems. With this release, we’re launching a revamped developer portal that enables our customers and partners to easily build or extend integrations with top SIEM, security automation and orchestration, and ticketing solutions. Besides the out of the box native apps for Splunk, IBM QRadar, LogRhythm, and others, developers can use the RESTful APIs to access comprehensive metadata around users and their data activity with real-time alerts.

Let us know what you think!

As a company, we’re constantly striving for continuous improvement by providing the features and functionality you need most to protect your company from the inside out.

Not an ObserveIT customer yet? Try ObserveIT free