Over 1,400 Customers Worldwide
ObserveIT is the Global Leader in
Identifying & Eliminating Insider Threats
2016
Innovation
Award
ObserveIT 6.7 Release Highlights
November 2016
Speakers
Kevin Donovan
Solutions Architect
ITPM
Michael Gordover
Solutions Architect
(ISC)² Associate CISSP,
ITPM
John Vigeant
VP Sales, Americas
Insider Threat is a Big Problem
90%
of security incidents are caused by people
58%
of breaches are caused from
internal incidents or with a
business partner’s organization
55% of attacks are originated by an insider
Sources: Verizon 2015 Data Breach Investigations Report; Forrester’s Global Business Technographics Security Survey 2015; 2015 IBM Cyber Security Intelligence Index
The Challenge: Visibility & Privacy
Data exfiltration (USB, printing, web)
Granting / elevating access privileges
Unauthorized software access, downloads
Questionable web activities (dark web,
gambling)
… and all must meet regulatory compliance standards
Before 5.0
User Activity
Monitoring
5.5
User Activity
Alerting
6.0
Dashboard
User Risk
Scoring
2006, 2014 - 2015, 2016
DETECT, INVESTIGATE, MITIGATE, INTEGRATE, ANALYZE
6.5
Alert Engine Overhaul
Security Awareness
ObserveIT History
6.7
Enhanced Alerts
Web Categorization
Anonymization
180 Rules to Protect Your Data
Built-in threat categories include:
• Application Data Theft
• Bypassing Security Controls
• Creating Backdoor
• Data Exfiltration
• Privilege Elevation
• Unauthorized Admin Tasks
• Malicious Software
• Shell Attack
• System Tampering
• Unauthorized Shell
Alert rules are automatically mapped to specific user types (e.g., privileged, remote vendors, terminated employees) with a different risk level for each specific user group (these settings can also be user-customized if desired).
Zero configuration time for most common insider risk issues
1
Auto-configuring rules to identify risk behaviors based on roles, applications, and systems
Full Web Monitoring
Know when users visit out-of-policy website categories for
increased visibility into online user behavior and detection of phishing/infections
Website categories are indicated
in alerts and reports for greater
visibility into user behavior.
See the story, not just HTTP/S requests, including encrypted traffic and dynamic content
No impact to business operations (versus blocking)
No expensive network appliances to manage
2
Detect Data Exfiltration through Print
Rule-based monitoring of print jobs sent to local or networked printers
What is being printed
Number of pages
sent to printer
Printer name
(local or network)
Large print operation
3
Guarantee Employee Privacy
Selective anonymization of user names, login accounts and computers for
enhanced user privacy and regulation compliance
Process to Expose individual users for
deeper inspection
Exclude specific groups from being
anonymized (e.g., remote vendors)
User Identity Anonymization for GDPR compliance
4
User meta-data integration
Easily create and manage complex list-based rules
Import lists
White- and black-list
5
Augment active directory roles with additional data and segmentation on users
Mac Agent Support
Full video and metadata recording on Mac desktops, laptops and servers
Brief Demo
5 Reasons to upgrade to v6.7
• Full website monitoring
• New Insider Threat Library
• Track Print Jobs
• Privacy with Anonymization
• Easily import user meta-data
Contact Us
• Existing Customers – free upgrade (contact Sales or Support)
Sales@ObserveIT.com or Support@ObserveIT.com
• New Customers – Download trial at:
http://www.observeit.com/tryitnow
Thank You
