Products

User Behavior Analytics (UBA)

Leverage User Behavior Analytics to Minimize Your Risk Exposure

Today’s threatscape requires security controls to be adaptive to the risk context, using machine learning to analyze a privileged user’s behavior carefully. Adaptive control notifies you of suspicious activity in real-time but also allows you to actively respond to incidents by cutting off sessions, adding additional monitoring, or flagging for forensic follow-up. Centrify Privilege Threat Analytics Service can make the difference between falling victim to a breach or stopping it in its tracks.

Gain Insight and Stop Breaches

Machine learning establishes the baseline for “normal” access, privilege use, and executed commands.
Quickly identify and investigate suspicious activity and security events that triggered an anomaly alert.
Single location for monitoring active sessions or reviewing video recordings of privileged sessions.
identity-intell-holistic-view

Visibility into Access Risk Ecosystem

Leverage a series of interactive dashboards for better visibility into IT risk and access patterns across your infrastructure. Automated tailoring of security policies based on a user’s behavior and near real-time identification of suspicious activity results in an holistic view of access risk. It eliminates the overhead of sifting through log files with massive amounts of historical data.

investigative-analysis-identify-request-events

Flexible Tools for Detailed Analysis

Better understand privileged access patterns and security events by drilling into details about security alerts, systems, access location, access time, privileged commands, and more. Security teams can drill into individual events to understand the relative risk level they pose. The tool computes risk scores in real-time for every event and categorizes them as high, medium, or low.

investigative-analysis-id-anomalies

Streamlined Threat Monitoring and Investigation

Gain streamlined insight into sessions with anomalous activity through a detailed timeline view. Identify the specific activity contributing to an anomaly for a comprehensive understanding of a potential threat. Security teams can view system access, privilege use, and anomaly detection in high resolution with analytics tools such as dashboards, explorer views, and investigation tools.

Streamlined Integration with SIEM, Alerting and Reporting Tools

Easy Integration with SIEM Tools

Privileged access data is captured and stored to enable robust querying by log management tools and integration with external reporting tools. Streamlined integrations with SIEM and alerting tools such as Micro Focus® ArcSight, IBM® QRadar, and Splunk® raise identified events or abnormal behavior to the security team in near real-time for quick action.

webhook-setup

Automate Alerts through Webhook-Enabled Endpoints

Leverage Slack or on-board incident response systems such as PagerDuty to enable real-time alerts, eliminating the need for multiple touchpoints and improving time to respond. When an alert event occurs, Centrify Privilege Threat Analytics Service forwards the alert to the third-party application via a Webhook. This capability speeds response to security alerts and improves containment.

Learn More about Centrify Privilege Threat Analytics Service

Ready to Protect Against the #1 Attack Vector?

Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.

Free Trial