Real-time user behavior analytics

Balabit’s Privileged Account Analytics, Blindspotter, integrates detailed data from Balabit's Privileged Session Manager, Shell Control Box, as well as a variety of contextual data and processes them using unique sets of algorithms, generating behavior profiles that are continually adjusted using machine learning. It detects suspicious activity by identifying unusual and risky deviations to baseline activity, offering a wide range of outputs from risk-based alerts to automated session termination.

Schedule a call

DETECT UNKNOWN THREATS IN REAL-TIME

Rules-based security will fail to detect unknown attack methods used by external attackers or malicious insiders. Blindspotter tracks and visualizes user activity in real-time for a better understanding of what is really happening in your IT environment. It doesn’t require pre-defined correlation rules; it simply works with your existing data.

DISTINGUISH FRIEND FROM FOE

Using session data captured by Balabit’s Privileged Session Manager such as keystrokes, mouse movements and commands executed, the Privileged Account Analytics engine can perform behavioral biometric analysis. This biometric analysis not only detects identity theft but provides continuous authentication by simply having users perform their tasks as usual.

usual, unusual activities

REDUCE ALERT NOISE

Privileged Account Analytics reduces alert noise by categorizing events by risk and deviation levels, highlighting the most suspicious events. Alerts can be sent to SIEMs or security analysts can view a prioritized list of events on the intuitive User Interface, enabling them to investigate the most serious events.