Validate an alert is a true positive
DTEX InTERCEPT for the CrowdStrike Falcon platform demystifies the context and intent of human behaviors without violating the trust and privacy of employees. Alert stacking and activity scoring algorithms accurately detect deviations that indicate credential compromise, precede ransomware infection and predict malicious insider intent and activity.
Commonly seen external threat techniques, such as Discovery, Persistence, and Execution, may be ignored by endpoint solutions because of the volume of activities generated and the high number of false positives.
Add behavioral data loss prevention
Deploy DTEX behavioral DLP capabilities within the CrowdStrike Falcon platform to gain real-time, contextual behavioral intelligence that answers What, When, Where, and Why users are interacting with sensitive data.
DTEX protects sensitive data and IP from leaving an organization with multiple, highly accurate and dynamic enforcement capabilities. Data loss is prevented intelligently when a user’s behavioral risk score exceeds an organization’s threshold by blocking specific application processes and network connections that are not part of normal or approved workflows.
Critical featuresfor a proactive security strategy
Simplify the security stack and gain the visibility needed to identify risks earlier.
Dynamic Risk Scores
Analyze and baseline user behavior by role, department and geography and creates dynamic risk scores to accurately identify deviations.
Complete Data File Lineage
Full history of every file – in use, in motion, and at rest – on and off network to understand all content usage and modifications.
AI Driven Investigations
Guided investigations answer questions about who is risky and most importantly, why. This is key because the ‘why’ helps determine an appropriate response.
Pseudonymization
Tokenize PII across raw data fields through DTEX patented Pseudonymization™, ensuring that DTEX can operate even under some of the strictest privacy regulations in the world.
Teachable Moments
Differentiate user intent so appropriate action is taken. Careless users can be addressed with training while malicious and compromised accounts can be blocked from doing damage.
One-click Reporting
Insight into business risk with executive and analyst reports that include recommendations to avoid data loss events. Technical detail is summarized graphically for key take aways.
DTEX Insider Threat Kill Chain
Understanding the detailed steps taken during an insider attack plays a big part in preventing a data loss incident, enabling organizations to identify issues before an insider risk turns into an insider threat.