Balabit’s Privileged Account Analytics, Blindspotter, integrates detailed data from Balabit's Privileged Session Management solution, Shell Control Box, as well as a variety of contextual data and processes them using unique sets of algorithms, generating behavior profiles that are continually adjusted using machine learning. It detects suspicious activity by identifying unusual and risky deviations to baseline activity, offering a wide range of outputs from risk-based alerts to automated session termination.Schedule a call
Blindspotter vs. insider threat
Blindspotter - The real-time user behavior analytics solution
Rules-based security will fail to detect unknown attack methods used by external attackers or malicious insiders. Blindspotter tracks and visualizes user activity in real-time for a better understanding of what is really happening in your IT environment. It doesn’t require pre-defined correlation rules; it simply works with your existing data.
Using session data captured by Balabit’s Privileged Session Management such as keystrokes, mouse movements and commands executed, the Privileged Account Analytics engine can perform behavioral biometric analysis. This biometric analysis not only detects identity theft but provides continuous authentication by simply having users perform their tasks as usual.
Privileged Account Analytics reduces alert noise by categorizing events by risk and deviation levels, highlighting the most suspicious events. Alerts can be sent to SIEMs or security analysts can view a prioritized list of events on the intuitive User Interface, enabling them to investigate the most serious events.