Detect and Mitigate Insider Threats with Imperva CounterBreach
DETECT DANGEROUS USER DATA ACCESS
CounterBreach Behavior Analytics uses machine learning and peer group analytics to automatically uncover anomalous data access events. This establishes a full contextual baseline of typical user access to database tables, files stored in file shares and objects stored in cloud apps, and then detects and prioritizes anomalous activity. Combining an expert understanding of users and how they access data equips enterprises with the context and accuracy required to detect data breach incidents.
PINPOINT COMPROMISED ENDPOINTS
CounterBreach Deception Tokens detect endpoints compromised by cybercriminals. This patented deception technology lures attackers at the earliest stage of an attack with fictitious information tokens that bad actors probe for upon gaining access to the internal network. Deception tokens include fictitious database credentials, shortcuts to seemingly enticing files, and web browser cookies. This deterministic identification of compromised endpoints adds additional context to CounterBreach Behavior Analytics.
QUICKLY RESPOND TO INCIDENTS
CounterBreach spotlights the riskiest users, client hosts and servers so that IT staff can prioritize the most serious data access incidents. Security teams can efficiently investigate the most worrisome data access events by filtering open incidents by severity, and then take a deeper look into a specific incident to view granular information about the user and the data that was accessed.
GET THE FULL PICTURE OF USER DATA ACCESS ACROSS THE ORGANIZATION
With CounterBreach, security teams can analyze the data access behavior of particular users with a consolidated view into database, file and cloud app activity. This allows security teams to investigate incidents and anomalies specific to the individual, view the baseline of typical user activity and compare a given user with that user’s peer group.