Ekran System Forensic Monitoring Tool
 

MONITOR, DETECT, AND ANALYZE

USER-BASED THREATS

 Growing vulnerability to insider threats 

The amount of user-based attacks on corporate data and the resultant losses to affected businesses is continually growing since 2014. The negative effect on the victims makes recovery difficult and the impact long-lasting. The insider threat landscape is becoming more difficult and the focus of security monitoring is moving beyond employees and privileged IT staff. Now it is also necessary to audit business partners, suppliers, contractors with escalated access rights, and third-party service providers with admin privileges.

Solution

Ekran System is a modern software-based solution for corporate security monitoring that allows to record and analyze everything that takes place on all user screens: terminals, local PCs, and virtual machines. Linux, Windows, and Citrix platforms are supported.

With Ekran System you will be aware of any activity on the server, from configuration changes to any other user and system management actions, giving you all the data necessary to explore any incident. Searchable video records of all user actions, real-time alerts on target events, easy-to-analyze monitoring results, and advanced generated reports help companies protect themselves from insider threat, prevent internal data misuse, competitor contacts, data and infrastructure corruption, fraud issues, and also comply with HIPAA, PCI, SOX, DPD regulations.

How it works

Being installed on server or workstation, Ekran Client records video of all logged in user sessions and accompanying metadata like active application name, currently opened window title, URL address, keystrokes, entered command, etc. Ekran provides full-functional playback for all session records as well as easy search by metadata keywords – everything via Web-based panel. Real-time alerts with direct link to the corresponding record and USB blocking make control even more proactive.

Best Affordability

Ekran System is licensed only by the number of Ekran Clients – end-points to be monitored. All Management components, including Server and Management Tool, are provided for free with any deployment. The solution supports both commercial database MSSQL and free embedded database Firebird to store monitoring results, so you can save even more costs at your deployment.

DISCOVER, INVESTIGATE, AND PREVENT ALL POSSIBLE VIOLATIONS

 Monitor user activity – create searchable video logs of all their actions

With Ekran System, you can control the work of your corporate network users, including system administrators and other privileged users, and always be sure about all their actions. Ekran System creates the complete video records of all local, remote, and terminal sessions. With Ekran System, nothing can hide: its screen recording system is universal, because every user action performed is displayed on the screen, and thus will be captured. The product works for any network protocol, application, even for all types of architecture (AD or non-AD users). Ekran System supports Citrix, Terminal Services, VNC, Remote Desktop access, and more configurations.

Analyze monitoring results – discover suspicious user behavior

Ekran System records all user sessions, including the privileged ones, and it’s practically impossible to avoid. Each video record is supplemented with text metadata like active application name, currently opened window title, URL address, keystrokes, etc. Keyword-based search gives you an effective tool to perform retrospective user action analysis and incident investigation. Alert feature makes security system more proactive: it allows to quickly respond to suspicious events and user actions. You can also connect to any "live" session and see what is going on in real time.

Examine malicious activity – restore the chain of events

When you suspect there has been a breach of corporate security, it can often be difficult to figure out what really happened, who was involved, what actions were performed, and the scope of the problem. Ekran System will provide you with complete, detailed information about everything that took place on each computer and terminal server in your organization. Using the records of all the involved machines, you can reconstruct a precise picture of the incident and get accurate facts needed to guide any decisions. The ability to export video episodes into forensic format will allow you to share video evidence with any appropriate party, like law enforcement, legal counsel, present it to managers or executives during an internal meeting.

Get more information

Visit our website www.ekransystem.com or contact Italy representative
BusinesstoVirtual  : sales@businesstovirtual.com
 
 
  Site Map