Investments in point solutions and reliance on modules from SIEM and EPP platforms are falling short, as evidenced by the increasing number of high-profile data breaches caused by malicious and negligent employees and consultants. These solutions are simply not engineered to monitor and surveil the most critical and common denominator in every business activity: the humans powering the day-to-day operations.
Earlier today, we introduced Intercept 6.0, a first-of-its-kind Insider Threat Management solution that delivers always-on, human-centric security by proactively illuminating dangerous activity as ‘Indicators of Intent’ in real-time across the entire organization. Intercept 6.0 uncovers malicious and negligent behavior well before an incident occurs and provides a full audit trail after.
Experts agree that next generation cybersecurity will be defined by an unyielding focus on the most important element of a business’s ability to operate effectively and safely – the human factor. The enterprise workforce’s behavior, habits and interactions ultimately determine opportunities and threats, how and where risks emerge and if compliance mandates are met.
Intercept 6.0’s CISO Dashboard presents actionable intelligence in an accessible, interactive format that delivers full forensic data and user investigation intelligence in only a few clicks, with no additional analyst work required. And perhaps most importantly, it does so without violating employee privacy, a trend that has received a significant amount of media coverage as COVID-19 related workforce disruptions have strained the balance between enterprise security and workforce cohesion and morale.
According to Gartner, one of the keys to success in building an Insider Threat Management Program is to “determine risky behavioral patterns, using past incidents and cross functional input, and correlate the technical as well as behavioral threat indicators to analyze each incident in its full context.” [1]
Intercept 6.0 is purposely engineered to do what prior-generation EPP, SIEM or Insider Threat Management solutions are unable to do: allow executives, IT and cyber-security practitioners to easily see, understand and act on contextual technical and behavioral intelligence to stop insider threats, prevent data loss, and protect the workforce, wherever they may be.
Powered by our patent-pending DMAP+ Technology, Intercept 6.0 continuously collects and synthesizes more than 500 unique elements of enterprise telemetry from data, machines, applications and people to surface dynamic ‘Indicators of Intent’ that combine to deliver holistic, contextual awareness about an enterprise workforce’s activities. These elements are enriched in near real-time using advanced behavioral models that are mapped against a person’s normal activity and peer group baselines. Our cloud-based predictive analytics engine continuously processes, scores and stacks ‘Indicators of Intent’ to stream live status updates and trend analysis and, when required, to trigger notifications of abnormal activity that deviates from baselines and indicates elevated risk. All of this is delivered to an interactive, all-in-one dashboard for forensic investigation, protective action and cross-functional reporting.
Graeme Hackland, CIO with Williams F1 Racing, has been a customer for more than 5 years and relies on Intercept every day. When asked about the importance of Intercept to Williams F1 Racing, Graeme had this to say:
“Dtex Intercept is the only security platform I use to see, understand and act on threats to our IP. Not only does Intercept tell me who’s doing what, when and how but it gives me a holistic, context-rich forensic record of what happened before and after an indicator of malicious or negligent insider behavior so I can eliminate the threat before data is exfiltrated. We evaluated five Insider Threat Management solutions against a weighted criteria of 13 must have capabilities including user behavior monitoring within specialty engineering applications and a collector that was invisible to employees. Intercept was the only solution that gave us those light-weight collection capabilities and the visibility we needed to support our mission-critical operational requirements.”
The next-generation insider threat management features and design innovations that combine to make Intercept 6.0 unique include:
Contextual Workforce Cyber Intelligence
Intercept 6.0 employs lightweight forwarders and a cloud-based correlation engine to deliver unmatched visibility, monitoring, surveillance, forensic and investigative capabilities against technical and behavioral indicators to SOC and IR teams frustrated with gigabytes of data and hundreds of disparate alerts.
Enterprise Scalability Measured in Hours
Unlike other solutions that are restricted to analyzing only people or devices of interest once identified by human analysts, Intercept 6.0 was purpose-built to scale and continuously protect the entire organization, up to millions of users, endpoints and servers.
Employee Privacy and GDPR Compliance
Security doesn’t need to come at the expense of privacy. Dtex puts privacy first, offering patented anonymization that obscures all identifying data from user behavior intelligence collection to ensure a positive organizational culture and GDPR compliance.
Be sure to visit our blog often over the coming weeks and months for expert posts from our Product and Solution Architecture teams that dive deep into our Contextual Workforce Cyber Intelligence, Enterprise Scalability and Employee Privacy features and capabilities.
[1] Gartner, “Ignition Guide to Building an Insider Threat Management Program,” Information Risk Management Team, 19 May 2020