Mission Assurance Without Mission Deterrence
Although technology introduces avenues for threats to enter an organization, it is the users, not the technology itself that put organizations' information in jeopardy. SureView™ enables safe and effective use of business and mission-critical technologies by capturing human behavior technical observables, which include policy violations, compliance incidents or malicious acts that are warning signs leading up to a breach.
The Visibility and Context You Need To Eliminate Insider Threats
Only Raytheon’s integrated solution can effectively help you monitor your entire enterprise ecosystem without disrupting business continuity. The policy platform pulls it all together and displays all enterprise activity in an intuitive visual dashboard. If a clear violation is detected, you can target specific events or individual users for investigation. Raytheon provides you all the details, insight, and complete context in the form of video replay to immediately assess the severity of the threat, fix the problem, and build the policies to prevent it from happening in the future.
Threats Begin at the Endpoint
SureView provides visibility into the many areas network devices can’t, including:
- Deliberate, malicious acts such as IP theft, which easily circumvents most data leak solutions.
- Mobile and even internal users that “take themselves offline” or use encryption to avoid detection.
- Complex problems: preventing export violations when intellectual property is inadvertently sent to the wrong countries.
- Suspicious activity within applications, including Lotus Notes and custom deployments of Enterprise Risk Management (ERM) and other internal applications.
- “Leading Indicator” actions, such as a “screen capture” that has been encrypted and saved to a USB drive.
Features and Benefits
- Simplified policy management
- Privacy protection
- Universal SIEM Integration
- Log analysis
- DVR-like replay
- Full activity capture
- Role-based access controls
- Incident replay including full event endpoint video recording and custom applications
- Reduced dependency on technical expertise
- Enables safe and effective use of business and mission-critical technologies
- Measures the impact of new and existing threats and compliance in real time
- Pioneered information protection since 2001
- Monitors endpoint user and system activity, including data-at-rest
- Scalable solution with proven, stable agent
- Detects policy violations hidden by encryption, including Web traffic, e-mail and attachments
- Prompting and remediation for accidental data leak prevention
- Monitors offline activity for mobile and deliberately disconnected users
- The only integrated network and desktop solution covering all users activities
- Industry standard incident investigation and replay
- Shared management of policy, analytics, and reporting
- The most advanced tools and processes developed by world-class team of investigators
- Actionable, efficient results separate the good from the bad, and delivers the evidence you need
Privileged User Monitoring and Auditing (PUMA) Policy Pack
(PUMA) Policy Pack
Key to mitigating privileged user abuse is the ability to determine context and intent, which can only be accomplished by monitoring human behavior. Raytheon SureView™ provides irrefutable attribution to a particular privileged user. SureView’s Privileged User Monitoring and Auditing (PUMA) Policy Pack is based on business policies and best practices for detecting and deterring privileged user abuse. Deploying the PUMA Policy Pack provides enterprise-wide visibility into privileged user activities.
With the SureView PUMA Policy Pack You Can:
- Approach Compliance with Confidence: Superior security that helps you apply the “trust but verify” principle to how you manage and implement oversight for your organization’s privileged users
- Minimize Privileged User Threats: Monitor who is accessing your most sensitive assets with out-of-the box policies based on best practices and years of experience and the ability to fine-tune or create new policies to meet your organization’s needs
- Mitigate Risk to Enhance the Bottom Line: Prevent the loss or destruction of intellectual property and other information assets
Active Malware Protection (AMP) Policy Pack
(AMP) Policy Pack
Active Malware Protection (AMP) is a SureView policy pack that identifies malware behaviors rather than instances of known malware. This method provides inherent advantages over traditional, signature-based methods, which allows SureView to detect malware before signatures, definitions, and other indicators have been provided.
How AMP has helped Customers:
- 26 malicious files detected in 1st 90 days
- 12 were undetected by traditional defenses
- 4 files submitted to anti virus vendor for definition updates
- Included a previously undiscovered root kit variant
- Reduced investigation time from days to hours
- Video replay of the activity around the malware alert
- No network log search/analysis required
- Immediate source identification
- Less disruptive to the employee and productivity
- SureView AMP is active and can provide security regardless of location