Preempt Behavioral Firewall
Real-Time Threat Prevention
Continuously Preempt Threats Based on Identity, Behavior and Risk
The Behavioral Firewall protects organizations from internal threats and security breaches by continuously preempting threats based on identity, behavior and risk. With real-time, automated and situational threat prevention and enforcement, it’s goal is to detect, challenge and respond to threats and risky behavior without getting a security analyst involved. When an anomaly or risky behavior is detected, the Behavioral Firewall will challenge the suspicious behavior by proactively engaging with users to verify identity, get definitive answers and enforce policy. The solution automatically acts in proportion to risk.
As the anchor application to Preempt Platform, the Behavioral Firewall leverages all of the capabilities of the platform and provides full access to all applications across the platform including Behavioral Firewall, Any App, Threat Hunter and Insights.
How customers use the Behavioral Firewall
How it Works
The Behavioral Firewall leverages all of the core capabilities of the Preempt Platform including multi-dimensional data analysis, behavioral analytics, continuous risk assessment, adaptive response and enforcement and the policy engine.
Learn and Analyze Behavior
It learns the behavior of every user and device on the network with any network resource — including privileged users and service accounts. The system classifies users and machines based on their real time network and activity from Cloud services, VPN, as well as other sources. It then exposes behavior of careless users, malicious insiders, attackers, compromised accounts or devices, lateral movement, attempts to escalate privileges, and attacks against internal infrastructure.
Every entity in the network is continuously scored in the context of role, relationships with other entities, behavior, and potential impact to assets. Scores adapt automatically and are prioritized based on attributes such as a user’s privileges, role, password strength, peer group, associated endpoints, value of assets and multiple additional dimensions.
When risky behavior is detected, the Behavioral Firewall delivers adaptive actions based on identity, behavior and risk to verify and eliminate threats—all without manual intervention from your security team. Preempt can progressively interact with users to verify threats and enforce policy. Fine-grained actions allow you to match the level of response to the risk, and can automatically adapt based on changing context.
The Policy Engine allows you to design policies that are both enforceable and appropriate to your business. Fine-grained actions allow you to match the level of response to the risk, and can automatically adapt based on changing context, ensuring risks are mitigated while the organization remains productive.