The Preempt Behavioral Firewall
Introducing the industry’s first Behavioral Firewall. Your insider threat prevention program just got easier.
Preempt Behavioral Firewall
Turn behavioral analytics into real-time action that stops security breaches and insider threats without impacting your business. The Preempt Behavioral Firewall scores the risk of every user, account, and device in the network, then delivers adaptive actions to verify and eliminate threats — all without manual intervention from your security team.
User and Entity Behavior Analytics
The Behavioral Firewall learns the behavior of every user and device on the network including privileged users and service accounts. It exposes behavior of careless users, malicious insiders and attackers including if they attempt lateral movement, privilege escalation, attacks agains internal infrastructure, and more.
Real-Time Response and Enforcement
Based on policy, Preempt can progressively interact with suspicious users to verify threats and enforce policy without impacting valid users. For example, a potentially compromised user could be challenged with multi-factor authentication to verify identity. Users with weak passwords could be forced to change their password. When a threat is confirmed, the user can be blocked, isolated or demoted.
Proactive Risk Scoring
Every entity in the network is continuously scored in the context of role, observed behavior, and potential impact to assets. Scores adapt automatically in response to policy-based challenges such as multi-factor authentication, and are prioritized based on attributes such as a user’s privileges, role, password strength, peer group, associated endpoints, value of assets and multiple additional dimensions.
Predictive Insights into the Attack Surface
Instant visibility into your security posture enables you to resolve risks and weaknesses before they are exploited by attackers. Quickly find privileged accounts you didn’t know about, the use of shared accounts, and track use of unmanaged devices, weak or exposed passwords, or passwords that never expire.
The Policy Engine allows you to design policies that are both enforceable and appropriate to your business. Fine-grained actions allow you to match the level of response to the risk, and can automatically adapt based on changing context, ensuring risks are mitigated while the organization remains productive.
Extensible integrations extend the value of your existing investments and provide additional perspectives of the network and empower Preempt's Policy Engine with additional response options. The solution integrates with a variety of data intelligence providers, cloud single sign-on solutions, VPN concentrators, gateways, SIEMs, and enforcement solutions.
Centralized management ensures Preempt can be deployed in any organization while retaining full visibility and control across all sites and locations. Staff can easily view insights, incidents, statistics and maintain a coordinated workflow across the entire organization.
The Preempt Behavioral Firewall can be deployed in either in-line or span port (sniffer) mode. The unique design enables threat response capabilities in both modes, ensuring that your security administrators only follow up on valid threats.