Advanced Host-Based Session Recording, Auditing, and Reporting

Prevent Spoofed or Bypassed Privileged Access

Auditing and recording sessions on the server being managed results in deeper insights and better control over privileged access in your environment. No matter how or where sessions originate, Centrify's host-enforced auditing and recording cannot be bypassed and ties all privileged activity to an individual.

Thwart Attacks and Gain Granular Visibility into Privileged Activity

Prevent the bypassing of session recording with host-based auditing.

Shell-level and process-level monitoring for high-risk systems are virtually impossible to spoof.

Prevent backdoor creation of SSH keys that increase your attack surface.

Create a single source of truth for privileged sessions initiated from anywhere.

Identify abuse of privilege with high-fidelity recordings of sessions and indexed session metadata.

Search for and quickly find specific events in a session and jump directly to that event for replay.

Prove privileged sessions are controlled and audited for regulatory compliance.

Easily integrate with SIEM for alerts and immediate incident response and remediation.

Gateway-Based Session Auditing and Video Capture

Host-Based Session Auditing and Video Capture

Prevent malicious attackers from bypassing privileged access audit controls by capturing and collecting detailed metadata and a high-fidelity recording of every session — on the server. Centrify Platform’s insights gathers audit trails and session events that detail privileged activity on any server, by any user, and at any given time.

Threat Detection and Deep Forensics with Process-Level Auditing on Linux

Centrify’s host-enforced auditing uniquely monitors at the shell and process levels and is virtually impossible to spoof. Malicious commands hidden in shell scripts or behind aliases are detected with process level monitoring and sent to SIEM systems for real-time alerting.

Monitor for Creation of Backdoor Accounts on Linux

Centrify monitors for the creation of backdoors whose existence make privileged access to infrastructure convenient instead of secure. Centrify Cloud Audit and Monitoring Service detects a growing attack surface by identifying changes to critical files — such as creating an SSH key — in real-time and triggers security alerts.

Indexed and Searchable Database of Session activity for Individual Accountability

Simplify Forensic Investigations with Indexed Privileged Activity

Find suspicious user activity, conduct forensic investigations, and prove compliance with an easily searchable archive of all privileged sessions and indexed events. Search by user, system, or event and playback from the point that privilege abuse occurred to determine the source of a security incident.

Report on Access, Checkouts, Sessions and Use of Privilege Across Your Infrastructure

Govern Privileged Access and Prove Regulatory Compliance

Reconcile approved privileged access versus actual activity on a server for governance. Gain visibility into privileged access and events through Centrify Platform’s insights customizable queries. Prove compliance with regulations and mandates through reporting on privileged access controls, activity, and session events across Windows, Linux, and UNIX.

Easy Integration with SIEM, Alerting and Reporting Tools

Streamlined Integration with SIEM, Alerting and Reporting Tools

Privileged access data is captured and stored to enable robust querying by log management tools and integration with external reporting tools. Streamlined integration with SIEM and alerting tools such as Micro Focus® ArcSight™, IBM® QRadar™, and Splunk® identify risks or suspicious activity quickly.