An Interactive Profile for Each of Your Users
Moving further down on this profile, we can see all of the Assets that Rebecca has authenticated into, as well as a look into cloud service usage. On the bottom of the profile (not pictured), you can see authentication locations, VPN usage, and through our integration with InsightVM, vulnerabilities associated with Rebecca's assets.
Rebecca has authenticated into a lot of assets! Let's look at her first primary asset: t457-1572.tor.razor.com.
Visibility into Users & Assets
If Rebecca authenticates into an asset, it will appear on this list. This can identify security risks, such as shared credentials, as well as attackers impersonating legitimate employees to move around the network.
Tag an Asset as Restricted
Clicking on the Bullseye tags the asset as 'Restricted'. This comes with a more sensitive alerting threshold and is recommended for critical assets with monetizable or confidential data.
Combined with the Insight Agent for real-time detection, and deception technology like Honey Files, you can detect intruders at each step in the attack chain.
Track Notable Behavior for Faster Context
In addition to alerts and authentication behavior, InsightIDR tracks notable behavior for every user on the network. This provides valuable context during investigations and can help quickly validate alerts generated or ingested by InsightIDR.