Key Product Functions and Benefits

Key Components

ObserveIT provides a comprehensive solution to identify and eliminate insider threats and data exfiltration.

  • Insider Threat Library: ObserveIT's extensive library of out-of-the-box alert rules covers the most common scenarios of risky user activity. The rules have built-in policy notifications that are designed to increase users' security awareness and reduce overall company risk. Rules are mapped to user types such as Privileged Users, Everyday Users, Remote Vendors, and so on. The alert rules can be applied on Windows and Unix/Linux machines, and are grouped by security Categories to simplify navigation and management.

  • User Activity Monitoring: Track users who perform suspicious or out-of-policy actions on workstations and servers, including on-premise, web-based and cloud-hosted applications and systems, as well as those with no internal logging facilities of their own. Prioritize users for further investigation based on ObserveIT's Risk Dashboard, which scores risky user activity across the enterprise.

  • File Activity Monitoring: Track and alert on files that are downloaded or exported using a browser or web-based application, from the internet or intranet. Alert if a tracked file is copied or moved to the default local sync folder of a cloud storage service, or when a file is copied or downloaded to a connected USB device. Monitor emails sent from email clients, as well as files attached to and saved from email clients.

  • Live Activity Replay: Capture screenshots of user actions and file movement for a preset time period before and after an out-of-policy alert is triggered. This helps meet privacy compliance requirements in environments that strictly limit monitoring to legitimate business purposes, such as protecting against insider threats. Use session recording to monitor users and servers on a more ongoing basis.

  • Policy notification and enforcement: Enforce company policies and security regulations by using ObserveIT's flexible warning and blocking notifications, delivered in real time to any user who violates your policies and security rules. Prevent malicious or unauthorized Linux commands from being executed using flexible, out-of-the-box prevention rules. Stop users from breaching security or violating company policies by forcibly logging them off unauthorized machines and closing harmful applications.

  • Website categorization: Automatically detect the categories of websites that end users are browsing, so that alerts can be generated on browsing categories such as gaming, adult content, infected or malicious websites, phishing websites, and more. ObserveIT provides 42 out-of-the-box website categories.

  • Maintain privacy compliance: User anonymization in the Dashboard and Web Console protects user privacy.

  • Efficient alert rule management: Alert rules are grouped by Categories and assigned to User Lists.

  • Department level risk management via Active Directory Group-based permissions: Large organizations can manage the risk of their employees in departments or groups, each owned by a dedicated security team member or manager.