AI-Driven Insider Threat Detection

Protect Your Valuable Data With NextGen User Behavior Analytics + User Activity Monitoring

Stop Reacting to Threats & Start Hunting Them

Integrated & Intelligent

Cerebral is an AI-powered security platform that integrates User & Entity Behavior Analytics (UEBA) with User Activity Monitoring (UAM), allowing rapid Data Breach Response (DBR)

 

The ability to hunt threats by proactively recognizing signs of risk, like changes in an employee’s attitude and behavioral patterns, allows you to move your security posture from reactive to proactive.

Unlike network monitoring or document tracking, Cerebral immediately alerts  you to who is exhibiting signs of risk, shows you related screen shots so that you can immediately determine the true nature of the incident.

 

This visibility empowers your IT security team to rapidly take action (with 100% confidence) all while gathering the evidence essential to taking legal action.

Cerebral’s Risk Scoring

At a glance, you’ll see all individual’s with elevated levels of risk.

 

This daily Risk Scoring maximizes efficiency and productivity by allowing your security team to hunt threats proactively.

Cerebral’s AI-based behavior analysis continually tracks each user's activity and language to create their daily risk score. The Risk Score dashboard shows high scores for each day, trends, recent alerts, and user details. It provides an immediate overview of high risk, user behavior within your organization.

Expanding the Scope of Your Cyber Security Strategy

 

Insider Threat Game Plan

Without an insider threat game plan, corporations are leaving a gaping hole in their security strategy. The average time it takes for a corporation to detect a data breach is over five months! If you have critical data to protect, having an incomplete insider threat strategy puts your corporation in significant jeopardy.

Endpoint Visibility & Analysis

With up to 60% of breaches coming from insider threats, it’s critical that corporations proactively monitor all endpoints for the rapid detection of internal breaches. Cerebral agents can be deployed on Windows, MAC, Android devices as well as Windows servers (prime targets for attackers posing as insiders, utilizing compromised credentials). Cerebral protects both physical and virtualized endpoints.

Detection Alone Is Not Enough

Data Breach Response (DBR) is critical to minimizing the impact of a breach. Once the alarm is sounded, how quickly can you react? Cerebral’s Time-Capsule DVR lets you see video playback of the incident as it unfolded. This visibility allows you to immediately delineate false alarms from real threats and take immediate action with 100% confidence.

Productivity &

Engagement Monitoring

Productivity Metrics

At-a-glance reporting lets you quickly see:

  • Log in and log out times

  • Time spent actively using work and non-work related applications

  • Time spent on websites

  • Time spent on social media

Employee Disengagement

The ability to identify employee disengagement is crucial. This is especially true for a distributed workforce where personal interaction is limited at best.

Cerebral’s AI utilizes psycholinguistics to continually monitors employees written language to identify and alert you of signs of employee disengagement.

Advanced Monitoring for Employees in Office or at Remote Locations

 

How it works

1. Watching

Watch Everything, All the Time

Cerebral monitors and analyzes all user activity at the endpoint, including:

Dark Web Tracking

Be alerted when employees access .onion sites.

Geolocation

Data on the location of a mobile device can be tracked as well as configured to alert security when a user device enters a restricted location or moves outside a specified geographic area.

Keystroke Logging

When needed, the option to record every keystroke, including “hidden” characters and combinations, ensures you have the visibility you need into the activity of highly privileged users.

Network Activity

Autonomously captures connections made by applications, including ports used and bandwidth consumed as well as time and location of the connection.

Chat & IM Activity

Capture, scan, alert and report on communications activity occurring on commonly used messaging apps; create a definitive record for compliance and investigative uses.

Compromised Credentials

Cerebral watches access to workstations and servers for unusual access by IP addresses, geolocation, and more.

User Status

Produces an accurate record of session times which include active and passive activity. Tracks log-on and log-off times but does not rely on log-off to identify when session activity ends.

Application Activity

Captures all application usage to provide true reporting on what applications are being used, by who, and for how long.

File & Document Tracking

Tracks activities on local, removable, and cloud storage, as well as print operations. See when files are created, edited, deleted, or renamed.

Psycholinguistics

Using computational linguistic analysis, Cerebral can identify and categorize opinions expressed in email text or chats to determine the writer's sentiment and sentiment changes that can point towards disgruntled workers and possible security risks.

Email Activity

Capture and analyze communication activity in traditional email clients as well as many popular webmail services. A searchable system of record that can be alerted and reported on.

Web Activity

Significantly more sophisticated than browser history, Cerebral records, and maintains information about web activity, including webmail usage, file uploads, and how long a user was engaged or active on a site.

2. ANALYZING

Big Data & AI

Second by second information gathering for all users on the network creates a big data scenario that not even the best security team could sift through. It’s like looking for a needle in thousands of ever-changing haystacks.

Veriato AI (UEBA) continually scrutinizes all users’ activity and sentiment, watching for anomalies in behavior compared with their personal baseline or that of a specific group.

Additionally Cerebral will watch for outsiders trying to access the network with stolen credentials.

3. Alerting

Immediate Notification

When Cerebral identifies a possible threat, it immediately notifies the security team. With an extremely low false positive rating (<2%). Cerebral’s alerting maximizes the efficiency of the security team by eliminating the need to have people constantly monitoring employees, hoping to find an issue.

With the average time of a breach detection reaching over five months, it’s obvious that many companies are not receiving breach alerts fast enough. With the ultimate goal of keeping the compromised data securely in house, alerting is critical for rapidly locking down and responding to the breach.

4. Seeing

Immediately See What's Happening

Once an alert is received, Cerebral's Time-Capsule DVR gives you the ability to look directly at a video of the user’s screen.

The ability to see the user move their mouse across the screen as they open files, download data or surf the internet is invaluable in rapidly determining whether the user’s actions are benign, a hazardous mistake or deliberately malicious.

 

You can scroll back and see what the user did 5 minutes, 5 hours or 5 weeks ago, letting you act rapidly with 100% confidence and see the extent of the breach and who their internal or external accomplices are.

5. Reacting

Once a breach is identified, Cerebral’s video playback allows you to react immediately and with 100% confidence. There are no more lengthy investigations to determine what a network alert actually means. You can react in minutes, notifying HR, management, operational security and even law enforcement. Additionally, the ability to look at video playback from days, weeks or months ago allows you to investigate the attack strategy as well as identify accomplices, outside and inside the organization.

Pictures are worth a thousand words, and nowhere is this truer than in the legal system. The Cerebral screen recordings can be exported as timestamped images or video files, creating vital evidence in inter-company disciplinary action as well as in legal proceedings. Veriato's detailed logs, reports, images and video evidence have been used in hundreds of cases worldwide to prosecute malicious insiders successfully.

Data Breach Response (DBR)

Respond With Speed

& Confidence

Taking Legal Action

 

Key Features

Dark Web Tracking

Get alerted when employees access the Dark Web using the Tor Browser.

Keystroke Logging

When needed, the option to record every keystroke, including “hidden” characters and combinations, insures you have the visibility you need into the activity of highly privileged users. With the Cerebral keylogger feature, all keystrokes can be recorded.

Chat & IM Activity

Capture, scan, alert and report on communications activity occurring on commonly used messaging apps; creates a definitive record for compliance and investigative uses.

User Status

Produces an accurate record of session time and activity. Tracks logon and logoff but does not rely on logoff to identify when session activity ends.

File & Document Tracking

Tracks activities on local, removable, and cloud storage, as well as print operations. See when files are created, edited, deleted, or renamed.

Email Activity

Capture communications activity in traditional email clients as well as many popular webmail services. A searchable system of records that can be alerted and reported on.

Geolocation

Data on the location of an Android device can be tracked as well as configured to alert security when a user device enters a restricted location or moves outside a specified geographic area.

Network Activity

Autonomously captures connections made by applications, including ports used and bandwidth consumed as well as time and location of connection

Compromised Credentials

Cerebral monitors access to workstations and servers for unusual access by IP addresses, geolocation, and more.

Application Activity

Captures all application usage to provide true reporting on what applications are open, being actively used, by who, and for how long.

Baselining

Self-learning of behavioral patterns for individuals and groups, driven by advanced machine learning, enables no-touch understanding of what normal looks like for everyone in your environment.

Web Activity

Significantly more sophisticated than browser history, Cerebral records, and maintains information about web activity, including webmail usage, file uploads, and how long a user was engaged or active on a site.

Ready to monitor for critical keywords being leaked or monitor employees' productivity?

PROUDLY ASSOCIATED WITH

sgtech.png
iapp.png
PIKOM-HugeLogo-01.png
unnamed (1).jpg
Singapore

Halodata International Pte Ltd​

No. 1 North Bridge Road #B1-03 High Street Centre, Singapore 179094

Contact:

+65-6336-7537

Email:

sgsupport@halodata.biz

  • Facebook
  • LinkedIn
Image by Patrick Langwallner

PT. Halodata Indonesia

HQ Office :
Ruko Marinatama E-23,

Jl. Gunung Sahari Raya No. 2,
Jakarta 14420, Indonesia

 

Wisma GKBI 39th Floor, Jl. Jend. Sudirman No. Kav. 28 Bendungan Hilir,

Jakarta 10210, Indonesia

Contact:

+6221-641-2784

Email:

its@halodata.biz

Image by Afif Kusuma

Halodata Infokom Sdn. Bhd.

Suite 15, A-3-2, Block A, Plaza Arkadia, Jalan Intisari Perdana, Desa Parkcity, 52200 Kuala Lumpur, Malaysia.

Contact:

+60-374-935-093

Email:

mysupport@halodata.biz

© Copyright 2020 Halodata International Pte Ltd. All Rights Reserved.