A platform that can detect internal threats in companies? Numerous companies and organizations could have avoided huge scandals if they could have acted in the moment, like in the NSA and Snowden case, Bradley Manning and the US diplomatic cables, or Hervé Falciani and data from the HSCB private bank. These are clear example that, when it comes to cyber-security in the corporate environment, it is not enough to cross your fingers and think “this won’t happen to me”. At any moment, an insider could become the greatest threat by misusing the information they use daily and it will turn your organization upside down.
For this reason, Panda Security has introduced the latest version of its Advanced Reporting Tool. The efficient and easy-to-use tool satisfies business needs. It maximizes Big Data performance and helps control corporate resources.
Threats to the Corporate Environment
Currently, PandaLabs detects 227,000 new malware samples per day. The detected malware, along with ransomware attacks and information leaks, stem from employees. Employees misuse and abuse corporate resources and this has a direct effect on business.
After Adaptive Defense extracts all information about the processes running on the endpoint, the Advanced Reporting Tool automatically stores and correlates this information. The platform automatically generates security intelligence and then offers tools that allow users to locate strange behaviors or problems. The Advanced Reporting Tool exposes misuse of the corporate network or resources.
The Advanced Reporting Tool enables the IT administrator to:
- Focus on relevant information, increasing efficiency in the IT department by finding security risks or misappropriation in the corporate infrastructure.
- Pinpoint problems by extracting behavior patterns from resources and users, identifying its impact on the business.
- Alert in real-time about all events that could be a potential data breach.
- Generate configurable reports showing the status of key security indicators and how they are evolving.
What does the latest version offer?
In addition to the existing Big Data Cloud Service and its real-time alerts, the latest version includes predefined and adaptable analysis with three different action areas:
- Information about IT security incidents: generates security intelligence then processes and associates those events as intrusion attempts.
- Controls network applications and resources: detects user patterns of IT resources.
- Controls access to business data, showing any access to confidential information and its online traffic.
Feedback from SIEM system
For organizations already using a SIEM, the Advanced Reporting Tool compliments it providing a SIEMFeeder which feeds your SIEM relevant data and associates it with the information you already have. The SIEMFeeder gathers information from all endpoints that are protected by Adaptive Defense.
The feedback provided by the SIEMFeeder enables you to detect insiders before they become the biggest threat to your business. The SIEMFeeder creates behavioral logics and locates all anomalies existing in your technological system.