Join our panel during Black Hat 2024 – Blurred Lines: Investigating the Convergence of Internal and External Threats



A Human-centric Approach to Operational Awareness and Risk Management.

Insider Risk Insights - DTEX Blog
  • Home
  • Press
  • DTEX Systems Extends Microsoft 365 E5 Defender NGAV, Information Protection & Compliance Capabilities with DTEX InTERCEPT for Behavioral DLP

DTEX Systems Extends Microsoft 365 E5 Defender NGAV, Information Protection & Compliance Capabilities with DTEX InTERCEPT for Behavioral DLP

First and Only Integrated Insider Risk, UEBA, DLP and Forensics Platform Delivers Unmatched Human Telemetry, Visibility & Security Intelligence; Helps Microsoft Security Customers Maximize Value of Microsoft E5 Information Protection Investments

SAN JOSE, Calif. – March 23, 2022DTEX Systems, the Workforce Cyber Intelligence & Security CompanyTM, today announced new capabilities within its DTEX InTERCEPT for Behavioral DLP solution that expand the scope and protection provided by multiple Microsoft 365 E5 modules to provide wholistic behavioral data loss prevention and workforce activity intelligence capabilities across the entirety of an enterprise’s application, data, and operating system architecture.

Through enhanced integration with the Microsoft Defender for Endpoint and Cloud Apps modules, as well as Information Protection & Governance, DTEX InTERCEPT delivers cross-platform user behavior telemetry collection, visibility, and analysis capabilities that answer the questions of Who, What, Why, When, Where and How related to a user’s intent when interacting with organizational data and IP regardless of geo-location, on or off-network without employing invasive surveillance data gathering techniques.

The behavioral, contextual workforce intelligence provided by DTEX InTERCEPT extends the capabilities of the Microsoft 365 E5 modules to detect and capture intentional data loss incidents, stop intellectual property theft, pinpoint human behavior attribution as well as malware root cause, and prevents the use and misuse of unsanctioned and sanctioned SaaS applications.

DTEX InTERCEPT extends Microsoft Information Protection and Governance module’s data classification capabilities with policy templates and multi-factor data sensitivity algorithms to identify the precursors associated with intentional data loss incidents and protect non-regulated intellectual property such as source code, design documentation, and other unregulated data types and formats.

“Our customers understand that Microsoft 365 E5 Defender and Information Protection tools offer the foundation they need to identify and classify structured, regulatory mandated data and limit negligent data loss,” said Rajan Koo, Chief Customer Success Officer with DTEX Systems. “With DTEX InTERCEPT, our customers are addressing use-cases that require deeper and wider visibility than Microsoft 365 E5 tools can offer, specifically the ability to proactively detect malicious behaviors involving unstructured data and IP, perform real-time analysis in the context of human activity, and to interrupt suspicious behavior sequences and block data exfiltration to prevent a breach.”

DTEX InTERCEPT infuses Microsoft Defender for the Endpoint with powerful human behavior attribution and malware root cause analysis created by mapping user activity against the MITRE ATT&CK framework and its own patented DMAP+ metadata collection, correlation and analytics engine to contextualize IOCs and alerts with user activity intelligence. The result is single-click access to dynamic, insider risk and data loss dashboards that offer evidentiary quality incident and file lineage intelligence with drill-down investigative capabilities that inform rapid, targeted incident response and remediation in support of Microsoft’s IRM case-management tools.

Customers are also utilizing DTEX InTERCEPT to extend Microsoft Defender for Cloud Apps’ powerful IAM capabilities to include the continuous profiling of endpoint access to all web-based resources to detect suspicious SaaS-based uploads and anomalous behavior in real-time without additional configuration. This gives SOC teams and IR analysts the ability to detect both user and peer group anomalies occurring across the entirety of their IT environment including Windows, macOS, Linux, Citrix, VMWare, and other cloud-based environments such as AWS Workspaces.

The additional user attribution, data movement and file lineage, as well as endpoint access intelligence across and beyond an organization’s Microsoft 365 environment captured by DTEX InTERCEPT is seamlessly available within Microsoft Sentinel to enrich SOC operations with user behavior telemetry.

For more information about DTEX InTERCEPT for Microsoft 365 E5, please visit and read our blog post at

About DTEX Systems
DTEX Systems helps hundreds of organizations worldwide better understand their workforce, protect their data, and make human-centric operational investments. Its Workforce Cyber Intelligence & Security platform brings together next-generation DLP, UEBA, digital forensics, user activity monitoring and insider threat management in one scalable, cloud-native platform. Through its patented and privacy-compliant meta-data collection and analytics engine, the DTEX platform surfaces abnormal behavioral “indicators of intent” to mitigate risk of data and IP loss, enabling SOC enrichment with human sensors and empowering enterprises to make smarter business decisions quickly. To learn more about DTEX Systems, please visit

Media Contact
Sam Hussey
fama PR for DTEX Systems
[email protected]