Promote this Nomination
|Company (that provides the nominated product / solution / service)||DTEX Systems|
|Company size (employees)||100 to 499|
|Headquarters Region||North America|
|Type of solution||Software|
In this new era of hybrid work, visibility into user behavior and actions is critical to thwarting insider threats and mitigating preventable risks, especially as organizations grapple with inflation and mass layoffs driven by economic uncertainty.
First-generation UEBA solutions have developed useful models for analysis and alerting, but they rely solely on interpreting log files and Windows® events, which are flawed data sources for capturing user behavior. Log files are difficult to implement and manage, requiring a significant amount of manpower to configure, collect, maintain, and interpret. Plus, they don’t provide enough visibility to mitigate common user attacks before damage has occurred.
DTEX InTERCEPT™ is a first-of-its-kind Workforce Cyber Intelligence & Security solution bringing together next-gen DLP, UEBA, digital forensics, user activity monitoring and insider threat management in one scalable cloud-native platform. Unlike legacy UEBA solutions, DTEX doesn’t rely on any Operating System or external logs. Instead, user visibility is achieved by monitoring the actions of the user directly on the endpoint. This is accomplished by creating user-based metadata that includes detailed information that is not provided from external log sources and provides real-time detection capabilities to identify actionable risks – regardless of whether the user is on a corporate network. DTEX then enriches the datasets to augment, corroborate, or potentially replace the requirement for additional log collection, delivering the behavioral context and intelligence needed to escalate and remediate an event before malicious insiders attack or data exfiltration occurs.
Recent enhancements to DTEX InTERCEPT™ for Behavioral DLP, the industry’s first and only Zero Trust ‘People-Centric’ Endpoint DLP product, expand the scope and protection provided by multiple Microsoft 365 E5 modules to provide holistic behavioral data loss prevention and workforce activity intelligence capabilities across the entirety of an enterprise’s application, data, and operating system architecture.
DTEX InTERCEPT™ for UEBA extends beyond the capabilities of legacy solutions in the following key areas:
- File Lineage Forensics & Auditing: Most malicious actions look like legitimate business activities—downloading files, copying and pasting data, using screenshots, compressing files, and sharing sensitive information. DTEX InTERCEPT™ delivers a full audit history detailing file activity to enable a real-time, contextual understanding of the severity of ‘indicators of intent’ that precede a data loss event. It delivers a full audit trail of who is involved and when each file is created, modified, aggregated, obfuscated, archived, encrypted, or deleted. These added attributes provide a clear distinction between normal activity and true data loss scenarios eliminating confusion caused by noisy alerts.
- Risk-Adaptive Data Protection: DTEX InTERCEPT™ protects sensitive data and IP from leaving an organization with multiple, highly accurate and dynamic enforcement capabilities. Data loss is prevented intelligently when a user’s behavioral risk score exceeds an organization’s threshold by blocking specific application processes and network connections that are not part of normal or approved workflows. This includes blocking FTP, large files in email, and access to certain cloud services. Additionally, SOC teams and analysts can remotely remove a user’s credentials and lock them out of their device. These risk-based blocking features best meet the requirements of today’s distributed workforce, reduce operational overhead, and eliminate false positives.
- Cloud Native Architecture & Interoperability: DTEX InTERCEPT™’s cloud-native platform is delivering more value at a lower cost with proven near-zero impact to endpoints and the network, ensuring that the organization can focus on the actionable outputs rather than the scalability issues, configuration and maintenance overhead, and spiraling deployment and services costs commonly associated with tradition endpoint DLP, NGAV, IAM, and UEBA solutions.