| Company (that provides the nominated product / solution / service) | STEALTHbits |
| Company size (employees) | 100 - 499 |
| Type of solution | Software |
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
• Real-time Threat Protection – StealthINTERCEPT focuses on the two common denominators in every data breach scenario: credentials and data. The vast majority of credentials are contained in Active Directory. The vast majority of data is contained in unstructured data repositories like file systems. Regardless of where an attack originates, internally or externally, attackers use similar tactics to compromise assets. They perform reconnaissance to find critical resources, probe those resources to locate credentials, escalate their privileges through lateral movement, and ultimately compromise and exfiltrate data. StealthINTERCEPT is designed to detect these behaviors in real time, block them, and instantiate preventative controls that make these attacks impossible in the future.
Summary of Achievements
As cyber-attacks become more sophisticated, organizations must monitor their IT environments for changes and activities that violate security policies. Native logs, however, do not provide the real-time intelligence needed to identify and block threats.
StealthINTERCEPT addresses this gap. By inspecting all Active Directory, Exchange, and File System traffic at the source, it detects malicious and unintended changes in real time to safeguard organizations’ credentials and unstructured data. Without reliance on native logging, StealthINTERCEPT is able to identify authentication-based and file system attacks, monitor usage and abuse of privileged accounts, and detect changes in ways organizations previously could not. Furthermore, StealthINTERCEPT can instantiate preventative controls to lock down critical assets and enforce security policies.
• Real-time Monitoring—intercept Active Directory, Exchange, and File System traffic in real time to give organizations faster, broader insight
• Authentication and File System Attack Analytics—identify and block threats and privileged account abuse with pattern- and behavior-based detection techniques
• Change & Access Detection and Prevention—detect and prevent access and changes to privileged accounts, security groups and GPOs, file/folder permissions, and mailboxes
• Powerful Investigations—provide visibility into the who, what, where, and when of an event, including before/after values, origination/destination IP, host names, etc.
• Real-time Alerting—receive real-time alerts on changes and threats at global or policy-specific levels
• Dynamic Policies—enrich policies by connecting data from DLP, PIM, and other systems
• Out-of-the-Box SIEM Integration—send only relevant threats to SIEM for fast remediation
• Enhanced Security and Policy Enforcement—identify and remediate security threats and prevent high-risk changes and activities (e.g. modifying GPOs)
• Improved Auditing and Compliance—track who is doing what with event context and reports to document activity and compliance
• Increased Value of Technology Investments—integrate with SIEM for greater insight, reduced risk, and decreased cost due to eliminating native logs