StealthDEFEND 1.2 is here!

Real-Time Threat Analytics & Alerting

Watch Video

Request a Free Trial

Powered by ChronoForms -


StealthDEFEND is a real-time behavioral analytics and response platform. Leveraging unsupervised machine learning, StealthDEFEND identifies insider threats to produce superior threat intelligence.

StealthDEFEND approaches data security through the mindset of an adversary, focusing on attack methods used in enterprise breaches to protect customers against a variety of sophisticated attacks, account compromise, and malware. Threat response is made easy with the use of built-in Incident Response Playbooks.

Some highlights of the new release include:

StealthDEFEND - Actions Engine

Actions Engine

The StealthDEFEND actions engine automates security responses and connects various security applications and processes together with multi-stage actions. This allows customers to build "Playbooks" they can use to respond to threats automatically or in an ad-hoc fashion.

The ability to detect and respond to threats quickly can mean the difference between a minor incident and a breach. Achieving this level of response speed is difficult for even the most seasoned security teams. StealthDEFEND’s built-in Incident Response Playbooks can be used to automate multi-stage actions ranging from basic alerting to triggering step-up authentication, greatly reducing insider threat dwell time.

StealthDEFEND - Role Based Access

Role Based Access

StealthDEFEND allows administrators the ability to scope user access to a variety of roles from "Reviewer" (grants the ability to only view threats), Threat Responders (grants the ability to view threats and execute actions) and Response Managers (grants the ability to author new Threat Response Playbooks). Permissions are scoped to Active Directory Users and Groups allowing delegation via Active Directory.

With RBAC (Rule Based Access Controls), StealthDEFEND security is managed at a level that corresponds closely to the organization's structure. Each user is assigned a role, and each role is assigned one or more privileges, all of which is easily managed via Active Directory.

Workflow Updates - Enhanced UI & Performance

Workflow Updates

StealthDEFEND allows the assignment of threats to individual users and history / action execution / comments, all of which are tracked in an intuitive interface.

Teams are typically working on multiple projects and tasks at any given time in an organization, and the ability to collaborate on issues is key to successful outcomes. StealthDEFEND offers the ability for multiple analyst to work with the same data and track the current state of events across team members.

StealthDEFEND - Credential Profiles

Credential Profiles

StealthDEFEND administrators can associate a profile with multiple sets of credentials, to be used with Security Playbooks and Active Directory Sync.

Multi-action threat response often relies on different credentialed applications to execute a series of actions; StealthDEFEND simplifies associated access management by allowing customers to create credentials profiles that do not rely on specific usernames and passwords, instead leverages credential profiles that are linked to multiple sets of credentials.

StealthDEFEND - SSL TLS Support

SSL TLS Support

StealthDEFEND has been updated to support TLS (Transport Layer Security), an updated, more secure, version of SSL. When transporting mission critical data, we want to be sure that data has arrived safely and is delivered in a reliable manner. Using SLL/TLS on the application level that goal is achieved and provides StealthDEFEND with secure browser sessions, safeguarding any sensitive data.

StealthDEFEND - UI Enhancements

UI Enhancements

StealthDEFEND 1.2 now exposes additional agent data that was previously inaccessible. Security analysts benefit most when provided with centralized data, enabling more efficient security management and more comprehensive control of incoming activity. StealthDEFEND gathers a significant amount of data from various agents and now displays that information in an intuitive, easy to use interface.

StealthDEFEND Cybersecurity Playbooks

Step-Up Authentication

Adds an additional layer of protection with a stronger authentication mechanism when accessing sensitive resources or in response to suspicious behavior

User account disabling

Removes access as a precautionary measure until the user provides additional authentication or until an administrator re-enables the account

Incident Management Ticket creation

Logs an incident for triage

SIEM Alert Generation

Forward incident details to a SOC for initial diagnosis

StealthDEFEND Cybersecurity Playbook


StealthDEFEND playbooks allow your organization to:

Mitigate Data Loss Fast detection and response greatly reduces attacker dwell time and contains threats before attackers can advance to the data exfiltration stage

Decrease Response Time SteathDEFEND connects various security applications and processes together to orchestrate and automate the threat response process

Provide Instant Visibility Across Teams Automated incident response instantly notifies Global and Local SOC teams, security analyst and remediation teams ensuring everyone is aware of threats as they occur

Reduce Errors & Increased Productivity Automation removes error prone process from humans and frees them up to focus on high priority threats


StealthDEFEND for File Systems

Data Sheet

Learn More

Build Threat Response Playbooks with the New Action Engine – StealthDEFEND v1.2

On-Demand Webinar

Learn More

For More Information: