Context and Visibility
Correlate user activity, data interaction, and user risk visualized as timeline-based views and prioritized with your data classification labels.
No more manually correlating OS, application and DLP logs to belatedly find out what is happening in your organization.
Context with timelines
Know the Who, What, Where, When & Why
Always know the user and their intent behind their actions on the endpoint, with files and on web apps in consolidated timeline views. No security knowledge required to read these timelines.
Support all common endpoint operating systems
We capture offline and online user actions in applications, files, websites, keystrokes, command-line, print jobs, USB devices and a whole bunch more on
- Windows desktops, laptops, virtual desktops and servers
- MacOS desktops and laptops
- 26 flavors of Linux/UNIX across Amazon Linux, AIX, Debian, HP-UX, Oracle, Red Hat Enterprise Linux, Solaris, SUSE Enterprise Linux Server and Ubuntu
- Virtualized environments and applications in Citrix Virtual Apps and Desktops and VMWare Horizon
- Windows on AWS and Azure
Granular user and data activity telemetry with a lightweight endpoint agent
With each activity event, get visibility into
- Active application name
- Active window title
- Open URLs in browser
- Host/remote host IP address
- Keyboard and mouse shortcuts
- File interactions including rename, cut, copy, paste, move, soft delete, download, upload and save alongside each user activity
Endpoint agents collect the telemetry and conduct the prevention actions. Running primarily in user mode with our patented file driver helps ITM achieve industry-leading lightweight architecture. Customers often run us in parallel with other endpoint security products without the traditional headaches of end user complaints nor performance degradation.
Data classification with Microsoft Information Protection labels Body
Use the Microsoft Information Protection (MIP) labels to better explore, detect and prevent risky data movement by users.
Leverage your existing investments into MIP labels to your advantage. We read the labels for files as users interact with those files.
Monitor high-risk employees, privileged users, contractors and others
High-risk can occur with
- Organizational context: Mergers, acquisitions, demotions, promotions, terminations, office relocations
- User groups: departing employees, privileged users, sales and engineers in competitive industries, temporary workers, contractors and users in high-risk countries