A system for detecting compromised user credentials and investigating security alerts: a centralised system that collects and analyses logs, correlates the behaviour of users in the computer network, and provides the option to collect data and perform data analysis without human intervention.

Once the analysis is complete, the system presents the result using a point system that ranks each risky user, and allows interactive tracing of all events involved in the calculation of the respective risk index.

The system has the following functions and capabilities:

  • Detects compromised user credentials: Detects malicious users within or outside of the organisation who have control over the credentials of a network user, regardless of the attack vector or the malware used;
  • Detects compromised privileged users: Identifies specific attacks against privileged users, such as DBAs, who have special access to sensitive systems;
  • Detects access to executive assets: Promptly detects unauthorised access to predefined resources (such as important stored information) as a result of hacker attacks or malware;
  • Identifies the behaviour of employees / executives engaged in risky or malicious activities;
  • Investigates security alerts: Provides full information about the users and assets associated with security alerts from AV software and DLP solutions;
  • Traces the user session using the existing logs;
  • Analyses and compares the sessions of all users to detect abnormal activity.