Over 1,400 Customers Worldwide

ObserveIT is the Global Leader in Identifying & Eliminating Insider Threats

2016 Innovation

Award

ObserveIT 6.7 Release HighlightsNovember 2016

Speakers

Kevin DonovanSolutions ArchitectITPM

Michael GordoverSolutions Architect(ISC)² Associate CISSP, ITPM

John VigeantVP Sales, Americas

3

Insider Threat is a Big Problem

90%of security incidents are caused by people

58%of breaches are caused from internal incidents or with a business partner’s organization

55% of attacks are originated by an insider

Source: Verizon 2015 Data Breach Investigations Report Forrester’s Global Business Teechnographics Security Survey 2015 2015 IBM Cyber Security Intelligence Index

4

The Challenge: Visibility & Privacy

Data exfiltration (USB, printing, web)Granting / elevating access privilegesUnauthorized software access, downloadsQuestionable web activities (dark web, gambling)

… and all must meet regulatory compliance standards

Before 5.0User Activity Monitoring

5.5User Activity

Alerting

6.0Dashboard User Risk

Scoring

2006 20162014 - 2015

DETECTINVESTIGATE MITIGATEINTEGRATE ANALYZE

6.5Alert Engine Overhaul

Security Awareness

ObserveIT History

6.7Enhanced Alerts

Web CategorizationAnonymization

180 Rules to Protect Your Data

Built-in threat categories include:• Application Data Theft• Bypassing Security Controls• Creating Backdoor• Data Exfiltration• Privilege Elevation• Unauthorized Admin Tasks• Malicious Software• Shell Attack• System Tampering• Unauthorized Shell

Alert rules are automatically mapped to specific user types (e.g., privileged, remote vendors, terminated employees) with a different risk level for each specific user group (these settings can also be user-customized if desired).

Zero configuration time for most common insider risk issues

1

Auto-configuring rules to identify risk behaviors based on roles, applications, and systems

Full Web Monitoring

Know when users visit out-of-policy website categories for increased visibility into online user behavior and detection of phishing/infections

Website categories are indicated in alerts and reports for greater visibility into user behavior.

See the story, not just HTTP/S requests, including encrypted traffic and dynamic contentNo impact to business operations (versus blocking)No expensive network appliances to manage

2

Detect Data Exfiltration through PrintRule-based monitoring of print job sent to local or networked printers

What is being printed

Number of pages sent to printer

Printer name (local or network)

Large print operation

3

Guarantee Employee Privacy

Selective anonymization of user names, login accounts and computers forenhanced user privacy and regulation compliance

Process to Expose individual users for deeper inspection

Exclude specific groups from being anonymized (e.g., remote vendors)

User Identity Anonymization for GDPR compliance

4

User meta-data integration

Easily create and manage complex list-based rules

Import lists

While and black-list

5

Augment active directory roles with additional data and segmentation on users

Mac Agent SupportFull video and metadata recording on Mac desktops, laptops and servers

Brief Demo

5 Reasons to upgrade to v6.7• Full website monitoring

• New Insider Threat Library

• Track Print Jobs

• Privacy with Anonymization

• Easily import user meta-data

Contact US

• Existing Customers – free upgrade (contact Sales or Support)Sales@ObserveIT.com or Support@ObserveIT.com

• New Customers – Download trial at: http://www.observeit.com/tryitnow

Thank You