Detect and Disrupt In-progress Attacks

Privileged Threat Analytics, part of the CyberArk Privileged Account Security Solution, is an expert system for privileged account security intelligence, providing targeted, immediately actionable threat alerts by identifying previously undetectable malicious privileged user activity. As the industry’s only Privileged Threat Analytics solution, the product breaks new ground using proprietary algorithms to call attention to the most menacing of threats: those aimed at privileged accounts. By applying patented analytic technology to a rich set of privileged account behavior, the Privileged Threat Analytics produces highly accurate and immediately actionable intelligence, allowing incident response teams to respond directly to the attack.

  1. Features
  2. Benefits
  • Detect and disrupt attacks with analysis based on user behavior, eliminating the dependence on prior knowledge of attack signatures or sandboxing
  • Dramatically shorten an attacker’s window of opportunity and reduce damage with accurate, real-time alerting of in-progress attacks
  • Enhance the value of existing SIEM solutions with out-of-the-box integrations
  • Reduce false positives by focusing on the critical privileged users, not shared accounts
  • Accelerate remediation with immediate access to detailed information about the attack
  • Adapt threat detection to a changing environment with self-learning algorithms that continuously adjust the baseline behavior profiles as the environment evolves
  • Improve auditing processes with informative data on user patterns and activities
  • View privileged user activity and anomalies in convenient, easy-to-read graphs and tables
  • The right data vs. all the data
    CyberArk Privileged Threat Analytics focuses on the data that counts: privileged account user data. With traditional analytic systems, organizations struggle to know how to respond appropriately: which threat is real? CyberArk focuses on the privileged account user data, where the highest risk for extensive damage lies.
  • Privileged users vs. privileged accounts
    Privileged accounts are typically shared accounts – they are not tied to an individual user. This prohibits traditional analytics solutions from attributing activity to a single user. Privileged Threat Analytics analyzes account behavior at the individual user level, delivering precise, context-aware, and immediately actionable alerts.
  • Patented analytic algorithms
    Using proprietary algorithms that learn the behavior of the privileged user, Privileged Threat Analytics compares real-time privileged account activity to historical behavior in order to detect anomalies as they occur. These anomalies are then correlated to immediately determine whether they reveal malicious intent.
  • Integration with SIEM solutions
    In addition to a proprietary dashboard built into the system, data and alerts from Privileged Threat Analytics can be integrated into an organization’s existing SIEM system. The analytics on fine-grained privileged user behavior improves the effectiveness of the SIEM system by enabling targeted alerts on privileged account risks.
  • Integration with Privileged Account Security products
    Privileged Threat Analytics works out of the box with CyberArk’s Privileged Account Security products to provide complete management, monitoring, recording and secure single-sign-on for privileged accounts.