Osirium's Privileged Behaviour Management (PBM) uses machine learning techniques to create a baseline of each privileged user. Since the Privileged Access Policy is organised in Profiles, the Privileged Behaviour Management module can derive peer users. Users can be compared against their peers in terms including posture, role use, devices, actions and time.
PBM takes this data and maps it into a multi-dimensional space. From here it has two goals (a) ACTIVE Threat – hunting for anomalous behaviour and (b) PASSIVE Threat looking for users that have high privileged roles assigned that are not being used. The data is presented in terms of time and coefficient of suspicion, all data points are ‘click-through’ so that you can use the graphs to pivot into active data tables for sessions, users and recordings.
Key Capabilities of Privileged Behaviour Management
Behavioural Baselines
Our statistics create a series of behavioural baselines for all privileged users that is automatically categorised. Through Osirium PAM's use of profiles, other users are treated as behavioural peers. Owing to this, we can pre-emptively flag users who's behaviour seems like it's abnormal or suspicious.
Integrated Metrics
Monitor user activities when and where they happen with our fully integrated metrics and reporting system. Furthermore, you can visualise correlations in user tendencies in real-time and also automatically produce data sets in a variety of user-friendly formats.
Prevent Privilege Creep
Privilege creep can rise when users gain privileges in excess of their requirements. Now you can identify and prevent this latent threat by supplying and withholding privileges. Access is only given to users access when they need it.
Risk Scoring
All privileged users gain risk scores reflecting behavioural baselines. SysAdmins can then use these scores to address security risks.
As a result, you can remove any doubt surrounding access rights.
Manage Privilege Exposure
All privileged users gain risk scores reflecting behavioural baselines. SysAdmins can then use these scores to address security risks.
As a result, you can remove any doubt surrounding access rights.
User Profiles
Osirium PAM creates a profile for each privileged user in your organisation. Due to this, you can observe whenever a user’s access address differs from the existing baselines. If a user logs in more frequently from a given address, the lower their suspicion becomes.