One Identity Safeguard for Privileged Analytics

Rules-based security will fail to detect new external attack methods or malicious insiders. Safeguard for Privileged Analytics tracks and graphically represents user activity in real-time for a clear understanding of what is really happening in your IT environment. No need for pre-defined correlation rules; it simply works with your existing session data.

Instead of using pattern-based matching to detect ‘known bad’ behavior – which is often incorrect -- Safeguard for Privileged Analytics creates a baseline of ‘normal’ behavior via data collected from your IT environment. It then uses that data to detect deviations by using 13 different machine-learning algorithms.

By analyzing the screen content of privileged sessions, issued commands and window titles, Safeguard for Privileged Analytics can enrich the baseline-behavior profile of your privileged users by noting commonly used commands and applications. This granular analysis identifies ‘typical’ behavior and can help detect theft and misuse of privileged identities.

Each user has an idiosyncratic pattern of behavior, even when performing identical actions, such as typing or moving a mouse. The algorithms built into Safeguard for Privileged Analytics inspect these behavioral characteristics (captured by Safeguard for Privileged Sessions). Keystroke dynamics and mouse movement analysis help identify breaches and also serve as a continuous, biometric authentication.