Why Dtex? 2018-05-30T16:07:41+00:00

Why Dtex?

User Intelligence Purpose-Built for Insider Threat

A Solution Specifically Built to Detect Insider Threats

Instead of attempting to reverse-engineer insider threat insights out of existing data sources, Dtex provides visibility specifically tailored to insider threats — and combines it with analytics to provide actionable context and intelligence.

User Visibility

Dtex’s lightweight collector is scalable, privacy compliant, and gives you both online and offline visibility into user behavior.

Patterns of Known Behavior

Hundreds of patterns of known behavior immediately begin alerting on known signs of potential threats, including malicious users, negligent users, and infiltrators posing as insiders.

User Behavior Intelligence

Advanced user behavior intelligence baselines normal user behavior and pinpoints suspicious changes. This approach, combined with alert stacking, results in less noise and more accurate alerts.

Find the Answers You Can’t Get Anywhere Else

Dtex’s endpoint visibility shows you data that you can’t get anywhere else – and these answers are the difference between catching a breach and a data theft disaster. Here are just a few things that customers have found in their enterprises once they installed Dtex:

Malicious Users

Insiders intentionally harming the organization

  • Data Exfiltration
  • IP Theft
  • Bypassing Controls
  • On/Off Network
  • Obfuscation & Covering Tracks

Negligent Users

Insiders who hurt the organization through mistakes or carelessness.

  • Data Loss
  • Credential Misuse
  • Online File Sharing
  • Webmail
  • Policy Violations

Compromised Users

Outsiders who compromise employee accounts.

  • Credential Theft
  • Lateral Movement & Malicious Software
  • Account Takeover
  • Privilege Escalation
  • Unusual Data Aggregation

Find out the Top 10 Reasons Why Enterprises Deploy Dtex:

Why Global Organizations Choose Dtex…

Catch the Early Signs

Most tools focus on stopping data theft at the point of exfiltration. Dtex, however, looks for the full picture, including phases of the Insider Threat Kill Chain before the data theft itself. Through risk scoring and alert staking, Dtex recognizes suspicious sequences of events that may indicate an impending attack.

Understand Full Context

Understanding context is the sum of understanding what a user did, the sequence of those actions, and whether they were normal or abnormal for that particular user. Most tools don’t have the data to accurately give you that insight, but Dtex’s visibility and analytics show you the full context around an action. With Dtex, organizations can understand the “how?” and “why?” around security incidents.

Protect User Privacy

Security and visibility don’t have to come at the cost of user privacy. Dtex collects data in the form of metadata, and includes an optional anonymization process that hides all identifying personal information from user activity data. This data can only be “unlocked” by a pre-determined keyholder, protecting user privacy. In fact, Dtex is used under some of the strictest privacy laws in the world.

Reduce False Positives

The data that Dtex collects is lightweight, human-readable, and, most importantly, tailored to insider threats — making it far less noisy than other data sources. What’s more, Dtex’s analytics and alert stacking produce a very manageable number of alerts, with few false positives.

Get Visibility On or Off Network

Using a lightweight collector straight from the endpoint, Dtex gives you endpoint visibility directly from the user — even if they’re off the corporate network. This is critical in a world where employees are constantly working from home or from public networks.

Deploy Easily, with No Productivity Impact

Dtex collects extremely lightweight metadata (~2-3 MB/user/day), and the collector has a negligible impact on CPU. Deployment is quick, easy, and scalable. Dtex can be hosted on-prem or in the cloud, and requires no infrastrucutre beyond the tiny endpoint collector.