The Market's First Identity &Access Threat Prevention Platform
The Preempt Platform
Continuously preempt credential compromise, lateral movement, account takeover, abuse of tools and protocols and other threats with the Preempt Platform
To preempt threats and breaches, the identity teams and security teams must come together to approach the problem in a new, continuous, adaptive and preemptive way with Identity and Access Threat Prevention. And without a holistic view of all users, privileges, access patterns and accounts, having proper controls over accounts (privileged, user, service, and more) can be difficult. The Preempt Platform Delivers.
The Preempt Platform allows organizations to automatically respond in real-time to anomalous or risky behavior, proactively add secure access control and resolve risk and weaknesses before they are exploited by attackers. Uniquely, the Platform uses identity, behavior and risk to continuously and situationally adapt to ensure the right level of security at the right time across all resources (on prem, cloud and hybrid). The Platform offers a core set of capabilities and applications that support a broad set of use cases. The applications allow customers to implement Identity and Access Threat Prevention at the pace and scale that works best in their environment.
Three Core Customer Values
Preempt Security Incidents and Threats
Prevent the impact of breaches and insider threats with real time user verification and control resource access based on identity, behavior and risk. Prevent credential compromise, account takeover, malicious use of tools/protocols and more.
Unify Visibility of Accounts Across All Platforms
See a holistic view of all users, privileges, access patterns and accounts across any identity platform. Understand who is accessing what, when, where and how.
Increase Efficiency of Security Operations
Preemptive blocking and automated resolution of incidents can reduce risk and give your overworked security team a helping hand. Less false positives, fewer incidents to investigate and speed up threat hunting.
Real time Adaptive Response
Real-time adaptive response stops threats without getting an analyst involved or disrupting valid user behavior. Preempt offers a variety of responses (e.g. Block, MFA, Isolation, reduce privileges, alert, etc) and can continually adapt based on identity, behavior and risk. For example, a potentially compromised privileged user could be challenged with MFA to verify identity. When a threat is confirmed, the user can be blocked, isolated or demoted.
Unified and Continuous Visibility
Gain visibility into who is accessing what, when, where and how. All user activity can be seen in one place including access, behavior, history, profile changes, locations, device, role, password strength, privileges, VPN, SSO, authentication requests and more. Preempt analyzes real-time traffic and logs to understand behavior and revel risks (stealthy admins, hidden objects, exposed passwords, weak passwords, stale users, privileged users, etc.). Visibility allows for better controlling privileged accounts, responding to incidents, more efficient audits and more.
Tool and Protocol Containment
Preempt’s unique detection capabilities allow enterprises to prevent lateral movement and unauthorized domain access due to the misuse of network tools (eg. PsExec, PowerShell) and the use of hacking tools (eg. Mimikatz, etc). Preempt also has the ability to deeply inspect authentication protocols (NTLM, Kerberos, LDAP) to help control protocol usage and reduce risk of credential forwarding and password cracking as well as detecting attacks like Pass-the-Hash and Golden Ticket.
Context Based Access Control
Preempt can provide immediate protection of internal resources by either setting up policy based enforcement or easily adding any MFA in front of any network resources without the need for doing development. Organizations can determine and enforce who is able to access what resource and in what context (eg. role, device, location, etc.). For example, restricting access to sensitive servers by contractors, interactive logins by service accounts, privileged account usage, etc.
Preempt Platform Applications
These capabilities power the Preempt Platform for delivering a scalable set of applications to implement Identity and Access Threat Prevention at a pace and scale that works best for customer’s use cases. The applications include:
- Behavioral Firewall:
Real-time, automated and adaptive threat detection and prevention on any network resource
- Any App:
Immediate protection of any resources with policy based enforcement and/or adding MFA to any application
Unified visibility of all accounts across all platforms allows security teams to analyze risks and weaknesses and resolve them before they are exploited
- Threat Hunter:
Proactive tools to search all activity, detect and identify security events or further investigate reported events.
With an open and extensible architecture, Preempt delivers consistent security and user experience across on prem, cloud or hybrid environments. With a broad set of integrations, organizations gain more value out of security investments that have already been made and gain more intelligence for greater context and enforcement.
Not only does it take minimal time and effort to install and maintain the Preempt Platform but once installed you can immediately reduce attack surface and gain protection from deterministic attacks and internal threats.
Industry Leading Research
Preempt’s dedicated security research team is constantly working to stay ahead of emerging risks. Their deep expertises of authorization and authentication protocols has helped them identify several critical Microsoft vulnerabilities and the team has been recognized and by the cyber industry as an innovative thought leader.