Report module. Advanced data enrichment, new analysis tools and web console improvements
1. Incident Response Module (forensic investigation workflow):
· Built-in incident response and task tracking
· New object “Task” with customizable fields and drop-down lists
· Attaching incidents, files, comments to existing Task
· Notification about new Tasks, and changes in existing ones
· Reporting capabilities
· Logging all actions during investigation
· Customizable data fields, so module could be used as a task tracker for other processes
2. New assessment tools, data enrichment, reports and improvements in Employee’s Profile:
2.1. Risk-based assessment tool:
· SIEM-style risk assessment and analysis
· Highlights employees and incidents to focus on
· Sources of risks are anomalies and policies
· Risks are dynamic
· Built-in and user-defined risks.
2.2. New UBA engine:
· Updated user behavior analysis module in backend
· New algorithm based on anomalies
· Anomalies include first use of new devices/services, using more than one account in social networks/messengers etc.
· Comparison with previous time period.
2.3. Staff Control module:
· Built-in module to collect and analyze employees’ working time
· Big set of calculated parameters: Time at PC, Active time, Productive time etc.
· Aggregated productivity parameters
· Working time discipline analysis: lateness, early departures, breaks, absence, overtime
· Time sheets, productivity analytics and reports
· Customizable categories of websites and application
· Diagrams and data visualization
2.4. Behavioral profiles:
· Dynamic behavioral profiling, finding high-risk profiles of employees and groups
· Monitoring and analysis of all behavior characteristics
2.5. Live monitoring of user session with web camera and desktop online access on endpoints
2.6. Update of visual and functional components of Employees Profile section:
· New dashboard widgets (Tasks, Web camera/Desktop live access etc)
· New user summary and parameters in the user profile header with quick actions for live monitoring of users
· Option to manually add users’ social network/messenger account in employee profile
· Updated user connection map with new drawing concept and parameters capable of displaying up to 1000 users
· Quick comparison of behavioral profiles for users and organization units
· Chat-like report to display captured dialogues between persons in all instant messengers
· Aggregated feed-like report for incidents with preview section
· New user statuses and control options
· Other GUI updates in Report module.
Policy Server. New system policies, capabilities and monitored channels:
1. DLP policy improvements and updates:
1.1 New conditions and used triggers in system policies
· User status
· Number of printed pages
· Computer domain
· Previous policy triggered
1.2 New actions and system operations:
· Assign customized risk score rate for this incident type
· Making user’s workspace screenshot and photo from web camera
· Block user from making screenshots
· Add specific status to the target user
· Add specific label to the current incident
· Add customizable watermark on top of specific application launched
· Active windows session logout on target PC for the user with the following options:
- Following login is impossible
- Block user account in MS Active Directory.
2. New channel support and system capabilities
2.1. Microsoft Team support
2.2. New image template recognition engine with advanced AI algorithm
2.3. Credit cards number analysis and verification using Luhn algorithm
2.4. New capabilities of agent hiding on endpoint (agent folders and files)
2.5. Offline (by phone) access request for external device
3. System administration improvements:
3.1 New easy-to-run agent synchronization capabilities in Distribution section
3.2 New capabilities for org units structure in Distribution section with corporate domain PCs and domain-less standalone PCs
3.3 Online access to user’s desktop in Device Control section of Agent Status
3.4 User logout button in Management Console and inactivity timeout
4. Domain-less network and workgroups support.
Installer Server:
1. New capabilities for Tasks management and configuration:
· Ability to setup list of target workstations both from MS Active Directory and domain-less workgroups
· Ability to setup IP addresses of target workstation as well as range of IP for workstations in the active task
· Load target workstation IP addresses from structured text file.
Screen Photo Detector module:
1. New capabilities for capturing user’s attempts of making photo of the screen:
· Ability to detect users attempts of making photos of the screen using smartphones
· Recognizing image of smartphone in front of the display in 0.06 sec using AI-based algorithm
· Two preinstalled neural networks perform recognition of image of smartphones.