PREEMPT LITE: Our free, easy and continuous solution. It's self-serve!

Preempt Lite

Preempt Platform

Conditional Access Anywhere

The Preempt Platform

If you can’t see all your users or know what they are doing and accessing, it’s difficult to control risks and prevent threats. The Preempt Platform takes a modern approach to the problem and puts you back in the driver’s seat.

Preempt empowers organizations to easily reduce user risk on their attack surface and preempt threats in real time with Conditional Access. Our patented technology continuously analyzes, adapts and responds to threats based on identity, behavior and risk to auto-resolve insider threats and targeted attacks.

See What Makes Preempt Different


Continuous. Adaptive. Automated. Conditional Access.


Understand Identity Everywhere

Organizations often have incomplete views of who is accessing what, when, where and how across multiple security solutions and platforms. Preempt solves this by auto-discovering all users, privileges, accounts, devices and behavioral access patterns whether on premises, in the cloud, or in hybrid environments.

Preempt  provides a continuous health and risk assessment revealing password problems, privileged access, stale accounts, stealthy admins, Active Directory (AD) configuration issues and more. Actionable insights allow your security team to easily reduce risk and your attack surface making it easier to pass your next audit.

ACTIONABLE INSIGHTS

Detect Threats in Real-time

Credential based attacks continue to be the number one way organizations are compromised. Preempt approaches threat detection differently. Our User and Entity Behavior Analytics (UEBA) learns the behavior and develops a risk score for every user and device on the network. Trusted and untrusted access is baselined through analysis of live authentication traffic combined with SSO, Cloud Directories, VPN, supervised and unsupervised learning and more.

By combining Analytics that are focused on identity, behavior and risk with real time traffic (either passive/sniffer mode or inline), it provides greater fidelity in attack detection.

  • TYPES OF THREATS DETECTED
    • Risky user behavior
    • Malicious insiders
    • Behavioral anomalies
    • Privilege access abuse
    • Compromised accounts or devices
    • Lateral movement
    • Attempts to escalate privilege
    • Attacks against internal infrastructure
    • And much more

Tools and Protocol Usage

Uniquely, Preempt allows organizations to detect and gain more control over misuse of protocols and malicious use of tools. This helps reduce risk of improper tool use, credential forwarding, password cracking and other credential-based attacks such as Pass-the-Hash and Golden Ticket.

Reconnaissance and attack tools

Mimikatz
PowerShell
PsExec
Bloodhound

Deeply inspect real time authentication protocol usage

NTLM
DCE/RCP
Kerberos
LDAP

Fast, Powerful Investigations to Pinpoint Hidden Threats

The Platform’s Threat Hunter interface lets analysts select and search across any attribute without needing to craft arduous string-based queries.  This lets analysts dial in exactly what they are looking for and quickly test hypotheses without getting bogged down pouring over logs.

Threat Hunter Searches Include:

Authentication Type (e.g. LDAP, SSO)
Service Access Type (e.g. Fileshare, Remote Desktop)
Account Events + Time Range
User Attributes (e.g. High Risk, Weak PW)
Privileges (e.g. By group membership, by delegation)
Location (e.g. CIDR, Site, Geo)

Confidently Preempt Threats With Conditional Access

Threats aren’t black or white so responding to possible threats with a simple block or allow won’t work. Whether it’s simply adding MFA in front of your most sensitive applications or responding in real-time to suspicious behavior, Preempt’s Conditional Access gives you the flexibility to respond in real-time to prevent threats without disrupting real business.

Adaptive Enforcement based on Identity, Behavior and Risk

When suspicious or risky behavior is detected, the Platform’s Conditional Access capabilities step in to help you proactively respond to threats without getting an analyst involved or disrupting valid users. Preempt’s adaptive policies can progressively interact with users to verify legitimate access and block untrusted authentications in real-time. Fine-grained actions allow you to match the level of response to the risk, and can automatically adapt based on changing context.

Adaptive MFA Anywhere

Protecting internal applications from credential compromise is easy with Conditional Access. With a highly-adaptable policy engine, enterprises can quickly snap on secure authentication, such as multi-factor authentication (MFA), to applications without interfering with the application itself. Organizations can gain more value out of their existing MFA deployments (Okta MFA, SecureAuth, PingIdentity, Duo and more) and also provides the flexibility to seamlessly change MFA or use a variety of vendors.

Adaptive MFA Benefits

Any Application or Resource
Any MFA
No Device Agents
No modifying the application or the endpoint
Eliminate need for segmentation
Policy-based or Prescriptive
Cloud or On Premises

Ease of Deployment

Preempt works with your authentication infrastructure to provide consistent insights, threat detection, and adaptive enforce across your organization. The two-tier platform architecture allows you to get up and running quickly, and easily access just the features you need.

Self-Install Within 2 Hours

Immediately understand your authentication footprint and the Identity health posture

Conditional Access Anywhere

Apply Conditional Access across complex Enterprise environments (On-Premises, Hybrid and Cloud)

Increase Efficiency of Security Operations

Preemptive blocking and auto-remediation reduces risk and the number of incidents to investigate

Deploying Preempt

The Preempt Platform supports teams of all sizes and maturity levels and will adapt with your organization as it grows and changes whether it be on premises or in the cloud.

Preempt has a two tier architecture: Central Management deployed either on premises or on AWS/Azure and Sensors that are distributed across the network in either passive or active mode to enable real-time threat detection and prevention.

Preempt increases your company’s security hygiene and reduces the overall attack surface without impacting the resiliency and integrity of your network infrastructure.

Learn More: Download
“High Availability Scenarios”
Whitepaper

Where Preempt Fits

Interested in Seeing
Preempt in Action?

REQUEST A DEMO

TRY OUT PREEMPT LITE FOR FREE

} }