dtex intercept 042020 v3 · 2020. 8. 28. · dtex intercept is the only next-gen insider threat...
TRANSCRIPT
Dtex Intercept is the only next-gen Insider Threat Platform that delivers always-on security to proactively illuminate dangerous activity in real time across the entire organization, both uncovering risky behavior well before an incident occurs and providing a full audit trail afterward.
Unlike other solutions that are restricted to analyzing only people of interest (POI), Dtex’s Next-Gen Insider Threat Platform protects the entire organization by leveraging DMAP+ Technology. DMAP+ Technology is a combination of lightweight forwarders and real-time correlation of enriched telemetry from data, machines, applications and people (DMAP), done at incredible scale.
DTEX INTERCEPT
Next-Gen Insider Threat Platform

Most Common Types of Insider Threat
• CARELESS WORKERS
• INSIDE AGENTS
• DISGRUNTLED EMPLOYEES
• THIRD-PARTY USERS
• MALICIOUS INSIDERS

Data Loss Prevention | User Activity Monitoring | Fraud Detection & Compliance | IR & Forensic Investigations

Diagram: Dtex Intercept Next-Gen Insider Threat Platform
Lightweight forwarders
REMOTE WORKERS | IN-OFFICE
LAPTOPS | LAPTOPS/DESKTOPS | SERVERS | VDI
Out-of-the-box 3rd-Party Integrations: SOARs | Case Management Apps | Workflow Apps | SIEMs
ENCRYPTION LAYER: Employee privacy & GDPR compliance

DMAP+ Technology is a patent-pending, real-time correlation of DMAP telemetry, introspection and predictive modeling that leads to detection of highly credible insider threats.
Copyright © 2020 Dtex Systems, Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners.
3055 Olin Ave. Suite 2000 San Jose, California 95128 | +1 (408) 418 – 3786 | www.dtexsystems.com
MULTI-PLATFORM SUPPORT: Windows, macOS, Linux | Laptops, Desktops, Servers | Virtual Environments (VDI, Citrix)
HOW DMAP+ TECHNOLOGY WORKS

Diagram stages: COLLECTION | ENRICHMENT | SCORING
Session | Process | File System | Webpage | Interface | Event Log | Registry | Clipboard | Network | Printer | Device | Window
Behavior Annotation | Risk Category Templates | Aggregated Alerts | Markov Models | Multifactor Regression | Entity Clustering | Configurable Lexons | Anomaly Detection | Process Profiling | URL Crawling | Behavior Correlation
Known Behaviors | Unknown Behaviors | Predicted Behaviors

INSIDER THREAT IDENTIFICATION

MALICIOUS INSIDER: Intent
EXAMPLES:
• Bypass of Security Tools
• Data Obfuscation

EXTERNAL THREATS: Compromised Insider Behaviors leveraging MITRE ATT&CK
EXAMPLES:
• Privilege Escalation
• Lateral Movement

NEGLIGENT INSIDER: Policy Breaches & Teachable Moments
EXAMPLES:
• Accidental Data Loss via File Share
• AUP Breach

DATA LOSS: Data Handling Compliance & Exfiltration
EXAMPLES:
• Exfiltration via Webmail
• Exfiltration via Airdrop or Bluetooth

BEHAVIORAL INDICATORS: Behaviors of Interest
EXAMPLES:
• Flight Risk + Data Loss
• Person of Interest
• Local or Service Accounts