For the best web experience, please use IE11+, Chrome, Firefox, or Safari

Safeguard for Privileged Analytics

Privileged threat analytics enables you to know who your high-risk privileged users are, monitor questionable behaviors and uncover previously unknown threats from inside and outside of your organization. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action -- and ultimately prevent data breaches.

Protect Against Privileged ID Theft 03:00

Protect Against Privileged ID Theft


Real-time privileged threat analytics

Rules-based security will fail to detect new external attack methods or malicious insiders. Safeguard for Privileged Analytics tracks and graphically represents user activity in real-time for a clear understanding of what is really happening in your IT environment. No need for pre-defined correlation rules; it simply works with your existing session data.

Pattern free operation

Instead of using pattern-based matching to detect ‘known bad’ behavior – which is often incorrect -- Safeguard for Privileged Analytics creates a baseline of ‘normal’ behavior via data collected from your IT environment. It then uses that data to detect deviations by using 13 different machine-learning algorithms.

Screen content analysis

With privileged threat analytics in your security capabilities, you can monitor and analyze the screen content of privileged sessions, issued commands and window titles, Safeguard for Privileged Analytics can enrich the baseline-behavior profile of your privileged users by noting commonly used commands and applications. This granular analysis identifies ‘typical’ behavior and can help detect theft and misuse of privileged identities.

Behavioral biometrics

Each user has an idiosyncratic pattern of behavior, even when performing identical actions, such as typing or moving a mouse. The algorithms built into Safeguard for Privileged Analytics inspect these behavioral characteristics (captured by Safeguard for Privileged Sessions). Keystroke dynamics and mouse movement analysis help identify breaches and also serve as a continuous, biometric authentication.

Reduce alert noise

Privileged threat analytics reduces alert noise generated by SIEMs by categorizing user events based on risk and deviation levels, and highlighting the most suspicious events. Alerts can be sent to SIEMs, or your security analysts can view a prioritized list of events on the intuitive user interface, enabling them to focus on the most important events.

Automated response

In most attack scenarios, high-impact events are often preceded by a reconnaissance phase. So, detection and response during this phase is critical to preventing damaging activity. Seamless integration with Safeguard for Privileged Sessions enables automated session termination whenever a highly suspicious event occurs, or malicious behavior is detected.

Get started now

Support & Services

Product Support

Self-service tools will help you to install, configure and troubleshoot your product.

Support Offerings

Find the right level of support to accommodate the unique needs of your organization.

Education Services

Training courses delivered through online web-based, on-site or virtual instructor-led.