Change and Access Auditing | Real-Time Alerting
Active Directory (AD), File Systems, and Exchange are giant figures on any organization’s threat surface. However, most organizations lack visibility and control over changes and activities taking place in these environments, resulting in major security and operational risks.
StealthINTERCEPT provides crystal clear visibility into and control over the changes and activities that violate your security and operational policies, strengthening your organization’s security from the core and eliminating unnecessary risks.
StealthINTERCEPT v4.0 has arrived! Some highlights of the new release include:
Authentication Blocking - StealthINTERCEPT has visibility into every Kerberos and NTLM authentication, can control which resources an account can authenticate from or to, and can detect authentication activities indicative of compromised credentials. This allows organization to stop active attacks in their tracks, as well as drastically mitigate security and operational risks that allow scenarios like credential theft, lateral movement, and operational outage to occur in the first place.
Automatic File System Activity Blocking - Ransomware, external attackers, and internal bad actors often exhibit the same signs of behavior when it comes to file system data destruction and compromise: large volumes of file access events in short periods of time. StealthINTERCEPT enables organizations to monitor and automatically block threats against file system data on their Windows file servers and shares without any reliance on native logging, and in real-time, preventing active threats from proceeding further and limiting the damage that can be done.
Exchange Operation-Level Monitoring - StealthINTERCEPT provides organizations with the ability to easily monitor, control, and alert on Exchange mailbox access events and permission changes in real-time, without any reliance on native auditing. With the addition of operation-level monitoring within mailboxes themselves, security and forensic teams can obtain immediate and deep insight into who is performing specific types of functions, along with the associated details of critical activities like messages read, attachments accessed or forwarded, deletions, and other indicators of compromise or abuse.
Nested Group Membership Changes - StealthINTERCEPT’s understanding of all groups and their effective membership, combined with its visibility into group membership changes enables organizations to accurately monitor, block, and alert on sensitive group membership changes in real-time, regardless of nesting conditions. For auditors, security, and operations personnel, StealthINTERCEPT displays the full details of how groups relate to one another, provide clear visibility into otherwise invisible scenarios.