DTEX Systems Offers NGAV Customers Access to Zero Trust DLP & Human Forensic Telemetry via the CrowdStrike Falcon Platform
If the last 20+ years of cyberattacks have taught us anything, it is that humans are both an enterprise’s greatest asset and the source of highest risk. Employees, contractors, and consultants, and their digital identities, represent the ultimate risk to data, IP, and operational resiliency, yet their behaviors, activities, intent, and motivations have been mostly ignored by first generation DLP solutions.
Understanding human ‘intent’ directly from the endpoint is the most important element of a Zero Trust DLP strategy that will work in today’s, and tomorrow’s, virtual economy driven by a distributed workforce no longer dependent on the network perimeter.
Now, as part of the CrowdStrike Store, customers can seamlessly deploy DTEX InTERCEPT Zero Trust DLP capabilities within the CrowdStrike Falcon platform to gain real-time, contextual behavioral intelligence that answers How, When, Why, Where and What sensitive IP and other data files every employee and third party is interacting with, aggregating, archiving, modifying, obfuscating, and may be attempting to exfiltrate. Customers also gain access to DTEX Systems’ digital forensics intelligence to enable push-button compilation of an evidentiary quality audit trail of user activities to enrich incident response investigations.
Industy analysts agree that data-centric approaches to Endpoint DLP are broken. In a recent Radar Report, Paul Stringfellow, a Senior Analyst with GigaOm, writes: “Modern DLP requires a multi-faceted approach, which the InTERCEPT platform embraces. By utilizing machine learning and “next generation” behavioral analytics, DTEX looks to address the limitations it sees with today’s approach to DLP by looking broadly at a number of vectors when assessing how any piece of information is being used.”
With DTEX InTERCEPT, employees are ensured non-intrusive, privacy-compliant intelligence gathering that recognizes them as partners in enterprise security and operational efficiency initiatives. Likewise, enterprise security and IT teams benefit from real-time, meta-data human behavioral intelligence that detects anomalies, automates peer group profiling, correlates user logic, and behavioral risk scoring to enrich Falcon.
How Organizations are Utilizing DTEX InTERCEPT with CrowdStrike Falcon
- Zero Trust Data Loss Prevention: Highly actionable, user-behavior focused data utilization intelligence protects regulatory-mandated and valuable IP data movement on- and off-network in use, at rest, and in transit from leaving the organization.
- Digital Forensics & Incident Response: Human telemetry complements Falcon Forensics to provide user-centric, pre-incident behavioral evidence that fills in gaps in context and ‘intent.’
- Insider Threat Detection & User Lockout: Anonymously identifies which users are engaging in malicious, negligent, and compromised behaviors, offers real-time contextual investigation and escalation, and allows for immediate lock out of a user to prevent data exfiltration.
- Work-From-Home (WFH) Engagement Monitoring: Easily understand and compare the processes of team members alongside one another to evaluate productivity, balance workloads, spot abnormal activities, and support team members to enable increased productivity.
- Shadow IT/ Unwanted Applications: Identify the most and least used apps in an environment, evaluate necessity and risk, and identify potential licensing issues.
There are also additional use cases such as root cause analysis and early ransomware detection. In fact, Stephen Seljan, Security Operations Manager at Equinix, recently shared how Equinix is supercharging NGAV with zero trust DLP and human activity forensics. Watch the on-demand webinar here.
To learn even more about our integration with CrowdStrike, visit https://www.dtexsystems.com/platform/dtex-intercept-for-crowdstrike-falcon and contact us today to get started!