If the last 20+ years of cyberattacks have taught us anything, it is that humans are both an enterprise’s greatest asset and the source of highest risk. Employees, contractors, and consultants, and their digital identities, represent the ultimate risk to data, IP, and operational resiliency, yet their behaviors, activities, intent, and motivations have been mostly ignored by first-generation DLP solutions.
Understanding human ‘intent’ directly from the endpoint is the most important element of a Zero Trust DLP strategy that will work in today’s, and tomorrow’s, virtual economy driven by a distributed workforce no longer dependent on the network perimeter.
Now, as part of the CrowdStrike Store, customers can seamlessly integrate DTEX Systems’ Behavioral DLP features with the CrowdStrike Falcon platform to gain significant insight into human activity and data usage telemetry. This real-time, contextual behavioral intelligence allows endpoint and security teams to quickly and easily understand behavioral intent: How, When, Why, Where and For How Long employees and third parties are interacting with, aggregating, archiving, modifying, obfuscating, and attempting to exfiltrate sensitive and compliance-mandated corporate data. Customers also gain access to DTEX Systems’ digital forensics intelligence to enable push-button compilation of an evidentiary-quality audit trail of user activities to enrich incident response investigations.
Industry analysts agree that data-centric approaches to Endpoint DLP are broken. In a recent Radar Report, Paul Stringfellow, a Senior Analyst with GigaOm, writes: “Modern DLP requires a multi-faceted approach, which the InTERCEPT platform embraces. By utilizing machine learning and ‘next generation’ behavioral analytics, DTEX looks to address the limitations it sees with today’s approach to DLP by looking broadly at a number of vectors when assessing how any piece of information is being used.”
With DTEX InTERCEPT, employees are assured non-intrusive, privacy-compliant intelligence gathering that recognizes them as partners in enterprise security and operational efficiency initiatives. Likewise, enterprise security and IT teams benefit from real-time, metadata-based human behavioral intelligence that detects anomalies, automates peer group profiling, and correlates user logic and behavioral risk scoring to enrich Falcon.
How Organizations are Utilizing DTEX InTERCEPT with CrowdStrike Falcon
- Behavioral Data Loss Prevention: Highly actionable, user-behavior focused data utilization intelligence protects regulatory-mandated data and valuable IP, whether in use, at rest, or in transit, on- and off-network, from leaving the organization.
- Digital Forensics & Incident Response: Human telemetry complements Falcon Forensics to provide user-centric, pre-incident behavioral evidence that fills in gaps in context and ‘intent.’
- Insider Threat Detection & User Lockout: Anonymously identifies which users are engaging in malicious, negligent, and compromised behaviors, offers real-time contextual investigation and escalation, and allows for immediate lock out of a user to prevent data exfiltration.
- Work-From-Home (WFH) Engagement Monitoring: Easily understand and compare the processes of team members alongside one another to evaluate productivity, balance workloads, spot abnormal activities, and support team members to enable increased productivity.
- Shadow IT/Unwanted Applications: Identify the most and least used apps in an environment, evaluate necessity and risk, and identify potential licensing issues.
There are also additional use cases such as root cause analysis and early ransomware detection. In fact, Stephen Seljan, Security Operations Manager at Equinix, recently shared how Equinix is supercharging NGAV with behavioral DLP and human activity forensics. Watch the on-demand webinar here.
To learn even more about our integration with CrowdStrike, visit https://www.dtexsystems.com/platform/dtex-intercept-for-crowdstrike-falcon and contact us today to get started!