Data leakage, fraud detection and investigation software
Suspect an internal data leakage? Does something indicate that a cyber crime or fraud has a fort post in your infrastructure? Are there some signs of a persistent threat? It’s time to act! Ekran System will provide you simple yet powerful tools to investigate data leakage incident and any other potentially malicious activity inside your perimeter.
Being a universal user activity monitoring tool, Ekran System can help you with quick investigation of any actions your internal users perform, whether you need employee investigation software or third-party contractors audit solution or back-door user accounts research tool.
Ekran System provides:
- Easy remote deployment on target servers and desktops
- Flexible filtering options to focus on user groups, end-points, or applications
- Perfect-for-analysis monitoring results: indexed session video records
- Multi-layer index, including application names, URLs, commands, keystrokes, devices, etc.
- Rich toolset for search and reporting
- Several incident response tools.
Make Ekran System your data leakage investigation software and get possibility to detect and thoroughly research any user action in context:
- Install Ekran System clients on target end-points
- Configure monitoring rules (we guess, you'd like to record all actions at the first stage)
- Get complete searchable record of each user session
- Search across all sessions to focus on particular objects, files, or actions
- Replay key sessions and episodes to see the exact context of any situation
- Easily add or transfer licenses between end-points of interest as your investigation unfolds.
You can export results of your cyber crime investigation - recorded sessions and episodes - in the forensic format.
Unlike many other massive security monitoring solutions, Ekran System proves to be effective and agile fraud investigation software when you need to detect and investigate insider threat:
- Painless deployment does not require global configuration changes.
- Integrated by design session video records catch any situation together with all context.
- Analysis is easy with replay tools, keyword-based and advanced search.
- Custom and/or pre-packaged alerts generate instant notifications and create bookmarks in the session records.
Alerts? Yep, for events like:
- A user has logged in to a critical end-point
- An application is started
- A file is opened
- A command is entered
- A specific USB device is connected and so on.
After Ekran System is set up and starts monitoring, all user activity is thoroughly recorded, so any indicators of an internal data leak, fraud or malicious actions can be found and analyzed. Just as easy as having an advanced security camera inside each user session for timely cyber security incident detection.
Due to the flexible floating licensing, Ekran System allows you to perform targeted investigations and then easily scale to the preventive overall monitoring.
Being an efficient cyber security investigation tool, Ekran System also provides several incident response functions including user blocking and USB device alerting and blocking.
While hunting threats in session records, use also our broad reporting tools summarizing various aspects of data for you:
- All started application within a time period with spent time
- Most and least used applications
- All visited URLs within a time period
- All user logins for an end-point
- Get more report types
If you’d like to share findings, Ekran System provides you with the forensic export tool.
After being alerted on an event, you can connect to the still running session and watch the activity in real-time with the capability to block user immediately.
When defining device usage policy, you can not only alert specific device usage, but also block it automatically.
Finally, you can secure the critical end-points with the set of in-built Ekran System access management tools, which include:
- Secondary authentication for users who provided shared credentials (like “admin”)
- One-time passwords with manual system supervisor approve
- Two-factor authentication for critical servers