Protect what really matters!
your people, your data and your operating systems
Jazz Networks Behavior Analysis
Jazz is built to protect your people, your data and your reputation - all in one plaform
- your people's way of handling your data,
- your data
- and your operating systems.
Protect Your People
- Educate the workforce
- Your weakest link becomes a part of your defense: no human error, misuse, or phishing
- Policy compliance monitoring
- Regain control & visibility of your remote workforce
- 70% of people work from home 1x/week
- See all offline & non-corporate network activity
- On-the-spot training that explains the violation to the user, correlating their action to instant feedback
- Enforce company policy and track policy violations
- Customizable on-screen message when user violates policies
- Improves behavior over time
- Employee details sync from LDAP (including active directory), as well as online status, location, network name, and foreground application
- Current Wi-Fi connection and Geo-IP location
- Summary of alarms and triggered sensors
- Activity feed displays all user events in logical sequence, including: print events, browser events, integration events, connections, file events, DNS lookups, USB events, logins, and changes in foreground applications
Protect Your Data
Identify abnormal user, application, and operating system activities with machine learning. Catch data exfiltration attempts such as web uploads, printing, data sent and received, USB, DNS tunneling, and many other vectors. Prevent data from leaving your organization with real time actions and policy packs.
Detect compromised user credentials by analyzing all user actions and patterns leading up to the moment in question - not just those that triggered a sensor. Expose phishing attacks to stop them from spreading within the organization. Detect spoofed Wi-Fi networks by tracking BSSIDs.
Inspect all content in-motion. Understand the full context around any event with visibility beyond policy violations. Mitigate risk by locking out a user or isolating the endpoint from the network for high-severity events.
Corporate policy violations:
- Using Cloud storage
- USB usage
- Connecting to insecure networks
External attack attempts
- Port scanners
- Spoofed Wi-Fi networks
- Failed login attempts
Malicious or abnormal activity
- Outbound connection
- Machine generated DNS
- Binary file execution
- Inbound/outbound bytes sent and received
- DNS exfiltration
- Web uploads
Out of the box policy packs
- DLP policy packs combined with content inspection on files.
- Additional policy packs: browser, network, application, DNS, and USB.
- Assign to certain agents or group of agents
- Policy and automated actions works offline.
- Display message to prompt users with a customized pop-up notification.
- Take screenshot to capture users desktop, visible through activity feed and action logs.
- Multi-factor authentication to confirm an employee’s identity, if they’re behaving abnormally.
- Lock a computer if malicious intent is identified.
- Isolate an infected computer or server from the rest of the network to prevent malicious software from spreading.
Protect Your Reputation
Risk and compliance
- Adherence to industry laws and regulations
- Ensure you can meet GDPR deadlines in case of a breach
- Manage reputational risk. Accessible insight if you are audited
Hunting and forensics
- Easily navigate millions of data logs
- No query language needed
- Access historical context
- Uncover user details in seconds
- Easily navigate millions of data logs
- Uncover user event details in seconds such as file names, frequency of use, data movement, applications, processes, connections, and more.
- Quickly create a detailed hypothesis in response to an alarm or incident.
- No query language knowledge needed to search for users, servers, or events. Built like a search engine, the Jazz Power Search enables operators to find a detail amongst the millions of data records collected.
Cybersecurity data recorder
- The data recorder provides a full paper trail during an incident investigation – even if data is deleted or evidence is destroyed during an attack.
- See netflows of traffic & applications that initiated the user or server’s connections.
- Expand details to see other users connected to the same host.