Active Directory Security

Active Directory Security

While organizations have known for years signatures and perimeter-based approaches to security were not enough, many of the alternatives have proven difficult to implement and often failed to deliver value. Monitoring internal behavior often requires tricky and expensive efforts to tap traffic in many different places in the network, or to deploy endpoint agents on countless devices. Worse still, most behavioral detection models are not conclusive and fail to actually block threats, instead pushing additional incident response and analysis work to overburdened security staff.

Preempt makes security simple, flexible, and enforceable by bringing a real-time layer of security to the organization’s authentication infrastructure. The solution directly monitors traffic to Active Directory to analyze the behavior of all accounts, proactively find weaknesses, detect active threats, and provide enforcement that can adapt to changes in context.

As organizations look to bring security deeper into the network, the authentication infrastructure provides the natural focal point where all in the network access is granted. Preempt takes advantage of this strategic location to extend beyond simple access control and deliver real-time threat prevention based on identity, behavior, and risk.

Learn More

Comparing Preempt and Microsoft ATA and AATP

Download Now

Find Threats Based on Behavior

- Automatically learn behavior for every entity in the network and proactively identify deviations or risky behavior.

- Challenge suspicious behavior and automatically update the learning model based on the results.

- Detect the specific behaviors of attackers including reconnaissance, lateral movement, privilege escalation, and the use of key attack tools.

Take Action to Prevent Loss

- Actively enforce policy and stop threats before access is granted to sensitive assets and data.

- Challenge suspicious behavior with adaptive MFA to confirm a threat or automatically resolve an event.

- Flexible response options that align and adapt to the changing levels of risk (MFA, block, lower permissions, reset password, etc)

Continuous Audit of Risk and Security Posture

- Proactively expose configuration weakness, risky behavior, password problems and more.

- Score all users, privileged users, service accounts, groups and organizational units in terms of risk.

- Automatically identify stealthy administrators, stale accounts, shared passwords and other issues that are traditionally hard to find.