An Interactive Profile for Each of Your Users

Moving further down on this profile, we can see all of the Assets that Rebecca has authenticated into, as well as a look into cloud service usage. On the bottom of the profile (not pictured), you can see authentication locations, VPN usage, and through our integration with InsightVM, vulnerabilities associated with Rebecca's assets.

Rebecca has authenticated into a lot of assets! Let's look at her first primary asset: t457-1572.tor.razor.com.

4 of 9

Visibility into Users & Assets

If Rebecca authenticates into an asset, it will appear on this list. This can identify security risks, such as shared credentials, as well as attackers impersonating legitimate employees to move around the network.

Tag an Asset as Restricted

Clicking on the Bullseye tags the asset as 'Restricted'. This comes with a more sensitive alerting threshold and is recommended for critical assets with monetizable or confidential data.

Combined with the Insight Agent for real-time detection, and deception technology like Honey Files, you can detect intruders at each step in the attack chain.

Track Notable Behavior for Faster Context

In addition to alerts and authentication behavior, InsightIDR tracks notable behavior for every user on the network. This provides valuable context during investigations and can help quickly validate alerts generated or ingested by InsightIDR.

11906021

Contact Us

We're happy to answer any questions you may have about Rapid7