Threat and Risk Monitoring of Key Enterprise Applications

Overview

Industry

  • Cross Industry Solution

Supported Applications

  • SAP ECC
  • Oracle e-Business
  • PeopleSoft
  • EPIC
  • SharePoint
  • Documentum
  • Cerner
  • Mainframes
  • Custom applications

Securonix Use Cases

  • User risk monitoring
  • Data risk monitoring
  • Fraud monitoring
  • HPA monitoring
  • Compliance monitoring

Business Impact

  • Reduce risk of sensitive data theft
  • Proactively detect data theft and fraud
  • Reduce impact of loss situations
  • Lower compliance cost
  • Quantified, non-subjective threat and risk reporting

Data Sources

  • Application logs and entitlements
  • HR/Identity information
  • Proxy logs (optional)
  • DLP events (optional)

Relevant Compliance & Security Best Practices

  • SOX
  • PCI DSS
  • HIPAA/HITECH
  • FISMA
  • FERC/NERC

Challenge: No Threat Visibility

Application Risk Intelligence plays a key role in any organization’s overall security and risk posture. Enterprise applications are the primary source of an organization’s critical assets and processes. As such, they are the primary targets for insider and external threats and attacks. Most organizations have limited to no threat monitoring of these applications and rely primarily on access controls and network security solutions that do little or nothing against an insider threat or an external targeted attack. Operating under a false sense of security, organizations need a real-time, continuous monitoring control to provide them with visibility into application-targeted threats before it is too late.

Solution: Application Threat & Risk Monitoring

Securonix addresses this need by monitoring critical applications and systems at the transaction, data set, and sensitive user record level. Securonix continuously builds a risk profile for all applications and systems while identifying all high-risk users, access, and activities associated with sensitive data and transactions. All results are scored and presented in application risk scorecards.

Benefits: Real Time Visibility with Actionable Intelligence

The Securonix solution for enterprise applications provides:

  • Continuous control and compliance monitoring
  • Automated rapid detection of high-risk activity through behavior analysis
  • Detection and monitoring of high-risk access and activity
  • Continuous detection and monitoring of critical information for DLP
  • Enrichment of data with identity, behavior and business context for security and compliance management
  • Proactive detection and management of fraud, misuse, snooping and other illicit activity

Solution Tour

User Risk & Threat Monitoring

Securonix continuously builds a comprehensive risk profile of a user based on identity/employment, security violations, IT activity and access, physical access, and even phone records. All identity, activity, and access characteristics are compared to their baseline, their peers, and known threat indicators to identify true areas of risk. All results are scored and presented in interactive scorecards.

High Privileged Account (HPA) Monitoring

HPAs are a primary source of insider misuse and a platform for insider attacks. Securonix automatically identifies HPAs such as administrator, service, and shared accounts, then monitors them for abnormal behavior associated with an attack, linking the high-risk behavior back to a real user and that user's risk profile to give the potential threat full context.

Application & Data Risk Monitoring

Insiders attack sensitive data, transactions, or the systems that host them. Securonix addresses this threat by monitoring critical applications and systems at the transaction, data set, and sensitive user record level. Similar to a user, Securonix continuously builds a risk profile for all applications and systems identifying all high-risk users, access, and activity associated with their sensitive data and transactions. All results are scored and presented in application risk scorecards.

Advanced Enterprise Fraud Detection

Insider fraud is typically conducted over a long period of time or through complex activity designed to get around known-threat or “signature-based” detection methods. Securonix addresses this blind spot with advanced “signature-less” behavior and peer-based outlier analysis techniques that are highly effective at identifying “slow and low” and complex fraud attacks.
