Shell Control Box is a user monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. SCB is a quickly deployable enterprise device, completely independent from clients and servers - integrating seamlessly into existing networks. SCB is a core component of the Contextual Security Intelligence Suite. It captures the activity data necessary for user profiling and enables full user session drill down for forensic investigation in CSI.User.Request online demo
SCB acts as a centralized authentication and access-control point in your IT environment which improves security and reduces user administration costs. The granular access management helps you to control who can access what and when on your servers.
SCB perfectly isolates your sensitive systems from unknown intruders or from non-authorized users. In addition, it tracks all authorized access to sensitive data and provides with actionable information in the case of human errors or unusual behavior.
SCB monitors privileged user sessions in real-time and detects anomalies as they occur. In case of detecting a suspicious user activity (for example entering a destuctive command, such as the "delete"), SCB can send you an alert or immediately terminate the connection.
SCB audits "who did what", for example on your database or SAP servers. Aware of this, your employees will do their work with a greater sense of responsibility leading to a reduction in human errors. By having an easily interpreted, tamper-proof record, finger-pointing issues can be eliminated.
SCB makes all user activity traceable by recording them in high quality, tamper-proof and easily searchable audit trails. The movie-like audit trails ensure that all the necessary information is accessible for ad-hoc analyses or custom activity reports.
When something wrong happens, everybody wants to know the real story. Analyzing thousands of text-based logs can be a nightmare and may require the participation of external experts. The ability to easily reconstruct user sessions allows you to shorten investigation time and avoid unexpected cost.
Monitor your IT administrators
Internal "superusers", such as system administrators, developers or C-level managers have practically unrestricted access to your information assets. These users can intentionally - or accidentally - perform harmful actions in IT systems that can cause great damage to the business. Learn More
Control your IT outsourcing and cloud partners
IT contractors such as vendors, services providers or independent consultants all require privileged access to internal networks. Giving responsibility to them is always a security risk. Learn More
Audit your Citrix and VMware View users
Terminal services users are a potential security risk in many situations. At most companies, users at different organizational levels (e.g. legal department, HR, sales, etc.) have the possibility to access and manipulate the most sensitive information, such as customer data. Learn More
Meet local laws and international standards
Regulations like SOX, PCI-DSS, ISO 27001, or the EU Data Protection Act increasingly mandate strict protection of sensitive information - be it personal data, credit card data, or financial information. Learn More
Improve IT incident management
The simple question “Who did what on our server?” is one of the toughest questions to answer in IT today. When something wrong happens, everybody wants to know the real story immediately. Learn More
"Balabit offers industrial strength session monitoring and recording."
Andras Cser in "The Forrester Wave™: Privileged Identity Management, Q1 2014", Forrester Research, Inc.