Privileged activity monitoring

Shell Control Box is an activity monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. SCB is a quickly deployable enterprise tool with the widest protocol coverage on the market. It is completely independent from clients and servers - integrating seamlessly into existing infrastructures.

Control SSH, RDP, Telnet sessions

Central policy enforcement

SCB acts as a centralized authentication and access-control point in your IT environment which improves security and reduces user administration costs. The granular access management helps you to control who can access what and when on your servers.

Advanced protection of sensitive data

SCB perfectly isolates your sensitive systems from unknown intruders or from non-authorized users. In addition, it tracks all authorized access to sensitive data and provides with actionable information in the case of human errors or unusual behavior.

Prevention of malicious activities

SCB monitors privileged activity in real-time and detects anomalies as they occur. In case of detecting a suspicious user action (for example entering a destuctive command, such as the "delete"), SCB can send you an alert or immediately terminate the connection.

Tighter employee & partner control

SCB audits "who did what", for example on your database or SAP servers. Aware of this, your employees will do their work with a greater sense of responsibility leading to a reduction in human errors. By having an easily interpreted, tamper-proof record, finger-pointing issues can be eliminated.

Return on investment of Shell Control Box

Faster, cost-effective supervisory audits

SCB makes all user activity traceable by recording them in high quality, tamper-proof and easily searchable audit trails. The movie-like audit trails ensure that all the necessary information is accessible for ad-hoc analyses or custom activity reports.

Lower troubleshooting & forensics costs

When something wrong happens, everybody wants to know the real story. Analyzing thousands of text-based logs can be a nightmare and may require the participation of external experts. The ability to easily reconstruct user activity allows you to shorten investigation time and avoid unexpected cost.


"BalaBit offers industrial strength session monitoring and recording."

"The Forrester Wave™: Privileged Identity Management, Q1 2014", Forrester Research, Inc., by Andras Cser.

Top 25 Must Have Software Citrix ReadyvmWare Partner

What can you use SCB for?

  • Monitor your IT administrators

    Internal "superusers", such as system administrators, developers or C-level managers have practically unrestricted access to your information assets. These users can intentionally - or accidentally - perform harmful actions in IT systems that can cause great damage to the business. Learn More

  • Control your IT outsourcing and cloud partners

    IT contractors such as vendors, services providers or independent consultants all require privileged access to internal networks. Giving responsibility to them is always a security risk. Learn More

  • Audit your Citrix and VMware View users

    Terminal services users are a potential security risk in many situations. At most companies, users at different organizational levels (e.g. legal department, HR, sales, etc.) have the possibility to access and manipulate the most sensitive information, such as customer data. Learn More

  • Meet local laws and international standards

    Regulations like SOX, PCI-DSS, ISO 27001, or the EU Data Protection Act increasingly mandate strict protection of sensitive information - be it personal data, credit card data, or financial information. Learn More

  • Improve IT incident management

    The simple question “Who did what on our server?” is one of the toughest questions to answer in IT today. When something wrong happens, everybody wants to know the real story immediately. Learn More