Privileged Behaviour Management
This module uses machine learning techniques to create a baseline of each privileged user. Since the Privileged Access Policy is organised in Profiles, the Privileged Behaviour Management module can derive peer users. Users can be compared against their peers in terms including posture, role use, devices, actions and time.
PBM takes this data and maps it into a multi-dimensional space. From here it has two goals (a) ACTIVE Threat – hunting for anomalous behaviour and (b) PASSIVE Threat looking for users that have high privileged roles assigned that are not being used.
The data is presented in terms of time and coefficient of suspicion, all data points are ‘click-through’ so that you can use the graphs to pivot into active data tables for sessions, users and recordings.
Our statistics create a series of behavioural baselines for all privileged users that is automatically categorised. Through the PxM Platform’s use of profiles, other users are treated as behavioural peers. Owing to this, we can pre-emptively flag users who's behaviour seems like it's abnormal or suspicious.
Monitor user activities when and where they happen with our fully integrated metrics and reporting system. Furthermore, you can visualise correlations in user tendencies in real-time and also automatically produce data sets in a variety of user-friendly formats.
Privilege creep can rise when users gain privileges in excess of their requirements. Now you can identify and prevent this latent threat by supplying and withholding privileges. Access is only given to users access when they need it.
All privileged users gain risk scores reflecting behavioural baselines. SysAdmins can then use these scores to address security risks.
As a result, you can remove any doubt surrounding access rights.
Compare privileged user data. Preemptively display clear cases of exposed risks to infrastructure and give users privileges that fit their requirements - never under-privilege, never over-privilege. Baselines constantly adapt and update to mirror privileged use patterns.
The PxM Platform creates a profile for each privileged user in your organisation. Due to this, you can observe whenever a user’s access address differs from the existing baselines. If a user logs in more frequently from a given address, the lower their suspicion becomes.
Gain access to our PBM datasheet
Download the PBM module datasheet for a full technical breakdown, including a full feature list.