Control Access Before It Controls You

STEALTHbits previene gli accessi malevoli alle informazioni aziendali, difendendo le organizzazioni dal furto e dall’abuso delle credenziali.

STEALTHbits è un’azienda produttrice di software per la sicurezza dei dati. Si focalizza sulla sicurezza delle informazioni aziendali, difendendole dagli abusi delle credenziali e controllando l’accesso ai dati. L’azienda propone queste soluzioni::

StealthAUDIT – Auditing, compliance, e framework di governance per dati non strutturati e applicazioni critiche;

StealthINTERCEPT – Identificazione delle minacce in tempo reale, change monitoring e alerting per infrastrutture Microsoft;

StealthDEFEND – Soluzione di analisi del comportamento degli utenti e di identificazione delle minacce.

STEALTHbits File Activity Monitor – Soluzione di semplice implementazione che controlla e archivia l’attività dei file per i File Server Windows e dispositivi NAS (NetApp, EMC, Hitachi).

Security Center Continuous View

StealthAUDIT

Raccolta agentless dei dati. Potenti strumenti di analisi. Correzioni globali.

Continua

La piattaforma di gestione StealthAUDIT è la spina dorsale della famiglia di soluzioni di STEALTHbits. La sua architettura aperta, il basso impatto, e le sue potenti capacità di raccolta dei dati assicurano la flessibilità necessaria per produrre informazioni di valore in ogni ambiente IT.

AD Inventory & Collection – Tutto comincia da Active Directory. Vengono raccolti tutti gli oggetti, impostazioni, configurazioni e permessi da Active Directory. Questi vengono poi correlati con metadati, informazioni sull’attività e permessi dai sistemi a cui AD controlla l’accesso.

Architettura Agentless – La gran parte dei dati di StealthAUDIT proviene da scansioni agentless e raccolta dei log. Questo permette la raccolta remota di migliaia di data point attraverso dozzine di sistemi e di applicazioni, riducendo l’impatto sull’ambiente IT.

Velocità e scalabilità – Questa architettura a basso profilo, unita con potenti scansioni, permette alla soluzione di scalare fino ai più vasti ambienti IT, ed essere eseguita a velocità molto elevate.

Analisi flessibile – I dati raccolti da StealthAUDIT vengono immagazzinati in un database SQL, che permette la maggiore flessibilità durante l’analisi dei dati stessi. I moduli di analisi permettono anche a utenti non esperti di SQL di interagire con i dati come se fossero utenti SQL provetti.

Interazione e remediation – StealthAUDIT offre agli utenti diverse opzioni per la remediation di problemi scoperti durante le scansioni, da singole operazioni a operazioni di remediation di massa / globali. Un’interfaccia intuitiva guida l’utente che riesce così a svolgere con semplicità queste operazioni.

 

StealthINTERCEPT

Change and Access Auditing | Real-Time Alerting

Continua

Active Directory (AD), File Systems, and Exchange are giant figures on any organization’s threat surface. However, most organizations lack visibility and control over changes and activities taking place in these environments, resulting in major security and operational risks.

StealthINTERCEPT provides crystal clear visibility into activity and changes, and safeguards your organization against malicious and unintended changes made in Active Directory, File Systems, and Exchange.

By intercepting and inspecting all Active Directory, Exchange, and File System traffic at the source, StealthINTERCEPT generates security and operational intelligence in real-time that could never previously be obtained using native logs, utilities, or third-party products.

Detect & Prevent Changes & Advanced Threats

  • AD object & GPO modifications, creations, deletions, and moves
  • File System access & permissions
  • Exchange Non-Owner Mailbox access
  • Authentication-based Attacks (Brute Force, Lateral Movement, Account Hacking, and more)
  • Crypto Ransomware & File Exfiltration
  • Privileged Account Use and Abuse

StealthDEFEND

User and Entity Behavior Analytics (UEBA) for Threat Detection

Continua

Despite millions of dollars spent in security software and hardware, data breach events still occur daily. Organizations are now turning to advanced data science and machine learning through user and entity behavior analytics to get ahead of the game. Those serious about protecting their sensitive data and other resources from real threats like pass the hash and pass the ticket leverage StealthDEFEND to detect and disable compromised and abused accounts.

StealthDEFEND combines user behavior analytics and machine learning with access auditing and sensitive data discovery to not only detect abnormal account behavior, but accurately assess the risk associated with such behavior.

  • Authentication-Based Attack Detection – StealthDEFEND detects attempts to use common attack vectors to either gain initial access to, or propagate through, an environment. Examples of these attacks include: Brute Force, Lateral Movement, Golden Ticket, Account Hacking, Breached Passwords.
  • Malicious Insider Identification – StealthDEFEND detects shifts in behavioral patterns of users and correlates them with the user access information to determine the potential risk they pose to the organization’s data.
  • Privileged Account Abuse Detection – Accounts with elevated permissions have the ability to access and change virtually anything in the environment. StealthDEFEND identifies accounts with elevated permissions and monitors their behavior for abnormalities that can indicate compromise or abuse.
  • Ransomware & Malware Discovery – StealthDEFEND detects unusual or abnormally high file system activity in short timeframes, as well as operations associated with ransomware presence, such as the creation of files with specific names and file extensions.
  • Data Exfiltration Discovery – By monitoring for unauthorized access attempts to sensitive data and mailboxes, StealthDEFEND protects against users trying to steal valuable information.

STEALTHbits File Activity Monitor

Solo i dati. Semplice, efficace, conveniente.

Continua

The STEALTHbits File Activity Monitor is a simple to install, easy to use, affordable solution that monitors and stores file activity for Windows File Servers and NAS devices (NetApp, EMC, Hitachi), without any reliance on native logging. The solution is designed to provide users with:

  • The ability to collect all or specific file activity for specific values or specific combinations of values
  • A clean, simple UI to view the results of the queries executed against the data
  • The ability to feed file activity data to alternative technologies like SIEM and/or export data in formats that are easy to understand and work with.

Collect up to 17 different event types across files and folders and at any scope. With streamlined data gathering, you’ll not only get the details of every event, but at a fraction of the size compared to native event logs.