Provided as an affordable Turn-Key, Managed Service
Automated alerts sent via flexible transport methods (Examples: text message, email, slack, etc)
Manages evolving threats proactively
Provides confidence in closing gap between perceived and actual security
Maximizes value of security investments
Frees IT staff to focus on business initiatives
Provides single pane of glass visibility across all devices
Reduces audit effort and expense for PCI, HIPAA and other standards
Access to security professionals and expertise
Compromised passwords are a serious risk to an environment. They can lead to spear phishing attacks, malicious logins, data breaches, and ransomware. This could lead to significant expenses in the event of a data breach. Compromised passwords could also be a result of an inadequate password policy. That is also something that should be reviewed if there are a large number of compromised passwords in the environment.
External vulnerabilities are opportunities for outside attackers to gain internal access to the network. There are numerous holes that can be opened, many of which are opened unknowingly. Attackers have many sophisticated methods to exploit these openings
Sometimes passwords are forgotten or simply mistyped which triggers a login failure. Large amounts of failed login attempts in a short timeframe can be an key indicator of a brute force attack. This method of attack targets a user by guess passwords until it's solved using algorithms and password databases found online or obtained illegally through the dark web.
Login history keeps records on who is attempting logins into which machines and how frequently. This can be an important item to track who may be accessing devices that they shouldn't be. Login history can also identify suspicious activity on higher privileged devices that may contain critical or sensitive information. Anomalous logins can be crosschecked with login history to validate suspicious activity of a user.
User behavior analysis targets the method of login attempts by users. It's broken up into 3 categories. The first category is login attempts from the physical keyboard and screen of the device. The second category is remote login attempts. This could include terminal services, Remote desktop, or remote assistance. The third category is through the network to access a system resource such as a shared folder. This can be used to determine the method an attacker used is access the network in that instance.