dtex intercept 042020 v3 · 2020. 8. 28. · dtex intercept is the only next-gen insider threat...


Post on 24-Sep-2020


Dtex Intercept is the only next-gen Insider Threat Platform that delivers always-on security to proactively illuminate dangerous activity in real time across the entire organization, both uncovering risky behavior well before an incident occurs and providing a full audit trail afterward.

Unlike other solutions that are restricted to analyzing only people of interest (POI), Dtex’s Next-Gen Insider Threat Platform protects the entire organization by leveraging DMAP+ Technology. DMAP+ Technology is a combination of lightweight forwarders and real-time correlation of enriched telemetry from data, machines, applications and people (DMAP), done at incredible scale.

DTEX INTERCEPT: Next-Gen Insider Threat Platform

Most Common Types of Insider Threat

• CARELESS WORKERS
• INSIDE AGENTS
• DISGRUNTLED EMPLOYEES
• THIRD-PARTY USERS
• MALICIOUS INSIDERS

[Diagram: Dtex Intercept Next-Gen Insider Threat Platform. Labels:]

• Lightweight forwarders
• REMOTE WORKERS, IN-OFFICE, LAPTOPS, LAPTOPS/DESKTOPS, SERVERS, VDI
• Data Loss Prevention, User Activity Monitoring, Fraud Detection & Compliance, IR & Forensic Investigations
• ENCRYPTION LAYER: Employee privacy & GDPR compliance
• Out-of-the-box 3rd-Party Integrations: SOARs, Case Management Apps, Workflow Apps, SIEMs

DMAP+ Technology is a patent-pending, real-time correlation of DMAP telemetry, introspection and predictive modeling that leads to detection of highly credible insider threats.


Copyright © 2020 Dtex Systems, Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners.

3055 Olin Ave. Suite 2000 San Jose, California 95128 | +1 (408) 418 – 3786 | www.dtexsystems.com

MULTI-PLATFORM SUPPORT: Windows, macOS, Linux | Laptops, Desktops, Servers | Virtual Environments (VDI, Citrix)

HOW DMAP+ TECHNOLOGY WORKS

[Diagram. Stage labels: COLLECTION, ENRICHMENT, SCORING, INSIDER THREAT IDENTIFICATION. Other labels:]

• Session Process File System Webpage Interface Event Log Registry Clipboard Network Printer Device Window
• Behavior Annotation, Risk Category Templates, Aggregated Alerts, Markov Models, Multifactor Regression, Entity Clustering, Configurable Lexons, Anomaly Detection, Process Profiling, URL Crawling, Behavior Correlation
• Known Behaviors, Unknown Behaviors, Predicted Behaviors

MALICIOUS INSIDER: Intent

EXAMPLES:
• Bypass of Security Tools
• Data Obfuscation

EXTERNAL THREATS: Compromised Insider Behaviors leveraging MITRE ATT&CK

EXAMPLES:
• Privilege Escalation
• Lateral Movement

NEGLIGENT INSIDER: Policy Breaches & Teachable Moments

EXAMPLES:
• Accidental Data Loss via File Share
• AUP Breach

DATA LOSS: Data Handling Compliance & Exfiltration

EXAMPLES:
• Exfiltration via Webmail
• Exfiltration via Airdrop or Bluetooth

BEHAVIORAL INDICATORS: Behaviors of Interest

EXAMPLES:
• Flight Risk + Data Loss
• Person of Interest
• Local or Service Accounts