Preempt is a US-Israel collaboration founded by Ajit Sancheti and Roman Blachman.
How does it work?
What we do is sit in front of the active directory domain controllers and monitors the traffic.
We work with many organizations, from under 100 employees to thousands of them.
Is your solution automatic or does it require people to operate it?
Many of the incidents are auto resolved and dont require any human intervention.
The idea is not to stop business processes, but to ensure they remain secure.
The fact that behavior is so dynamic requires us to do a whole lot of learning.
Most access is controlled by identity.
Have you found any behavioral patterns with your customers?
We’re seeing 2-3 patterns.
Many companies want control over their privileged users,
while others are more concerned about contractors and external consultants.
At the end of the day, they all want to have visibility.
Can you characterize a malicious insider?
Companies trust their employees, giving them access to just about everything, and thats the challenge.
Such behaviors pose a significant threat to the organization’s security.
There are also malicious insiders who are knowingly doing insecure things for personal gain.
We can challenge the user with an extra layer of authentication and we can block them if needed.
Do companies tell their employees about your system?
Most companies dont tell their employees about it, because they want to monitor their employees' behavior objectively.
My belief is that companies that do share this information will end up more secure.
How do companies react when insider threats are detected?
So, they know their actions are being tracked.
What would you advise to companies who wish to secure their networks from the inside?
In many cases, employees have access to more than what they need to do their jobs.
Secondly, they should educate employees on the implications of their actions.
The more awareness to user behavior the more secure and effective the business will become.
How do you see the future of enterprise information security?
Behavioral Firewalls enable that transformation.
c’mon, comment on how to improve this article.
