The Preempt Platform
Introducing the Market's First Adaptive Threat Prevention Platform Based on Identity, Behavior and Risk.
Eliminate Security Threats in Real-Time
The Preempt Platform helps security teams balance the threat of cyberattacks, breaches and internal threats without disrupting business or overloading analysts with false positives.
The Preempt Platform is the only solution that continuously preempts threats based on identity, behavior and risk. This comprehensive platform allows organizations to automatically respond in real-time to anomalous or risky behavior, proactively add secure access control and contain risk and weaknesses before they are exploited by attackers. And installation is a breeze. Typical installs are completed in a few hours, providing significant value on day one and increasing value over time for high impact and a low total cost of ownership.
At the heart of the Platform are a set of core capabilities including multi-dimensional data analysis, behavioral analytics, continuous risk assessment, adaptive response enforcement and a robust and flexible policy engine. These capabilities help to power the Platform for delivering a scalable set of applications that help customers prevent threats and support broad set of use cases. The applications include:
- Behavioral Firewall: real-time, automated and situational threat detection and enforcement on any network resource. Learn more.
- Any App: allows organizations to easily expand secure authentication to any application without additional development. Learn more.
- Insights: provides instant visibility into security posture enabling security teams to analyze risks and weaknesses and resolve them before they are exploited. Learn more.
- Threat Hunter: allows security analysts to proactively search all activity, detect and identify security events or further investigate reported events. Learn more.
Multi-dimensional Data Analysis
The Preempt Platform continuously monitors Active Directory traffic, collects real-time metadata (e.g. user type, access level), logs from multiple data sources (e.g. cloud single sign-on, Active Directory, VPN concentrators, next gen firewalls, human resource management systems, etc.) for analyzing identity, behavior and risk.
User and Entity Behavior Analytics (UEBA)
Preempt continuously monitors the behavior of every user and device on the network, including privileged users and service accounts. The system exposes behavior of insecure users, malicious insiders, and security threats such as compromised accounts or devices, lateral movement, attempts to escalate privileges, and attacks against internal infrastructure.
Continuous Risk Assessment
Every entity is continuously scored in the context of role, observed behavior, and potential impact to assets and automatically identify outliers. Risk scores adapt automatically in response to policy-based authentication challenges such as multi-factor authentication (MFA), and prioritized based on attributes such as user privileges, role, password strength, peer group, associated endpoints, and asset value.
Adaptive Response and Enforcement
Based on enterprise customizable policies, Preempt automatically and progressively interacts with suspicious users to verify threats, changing user activity, changes in role, etc. – all without impacting legitimate business activity. Response adapts to the situation based on identity, behavior and risk. For example, a potentially compromised user could be challenged with MFA to verify identity. When a threat is confirmed, the user can be blocked, isolated or demoted. Or, if a privileged user accesses a sensitive server, the user can be instantly verified before access is granted.
The Policy Engine allows you to design policies that are both enforceable and appropriate to your business. Fine-grained actions allow you to match the level of response to the risk, and can automatically adapt based on changing context, ensuring risks are mitigated while the organization remains productive.
Extensible integrations extend the value of your existing investments and provide additional perspectives of the network and empower Preempt's Policy Engine with additional response options. The solution integrates with a variety of data intelligence providers, cloud single sign-on solutions, VPN concentrators, gateways, SIEMs, and enforcement solutions.
Centralized management ensures Preempt can be deployed in any organization while retaining full visibility and control across all sites and locations. Staff can easily view insights, incidents, statistics and maintain a coordinated workflow across the entire organization.
The Preempt Platform can be deployed in either active or passive (sniffer) mode. The unique design enables threat response capabilities in both modes, ensuring that your security administrators only follow up on valid threats to any network resource. No endpoint software agents are required.