License

ManageEngine named a Market Leader in KuppingerCole Leadership Compass 2024 for Identity Governance and Administration! Access the report

Analyze the risks posed by identities with AI-driven identity analytics

  •  
     
  •  
  •  
By clicking 'Download now', you agree to processing of personal data according to the Privacy Policy.

Thanks!

Your download is in progress and it will be completed in just a few seconds! If you face any issues, download manually here

   
       

Identity analytics and intelligence

Cyberthreats are growing beyond human visibility. As companies become more sophisticated in their cloud adoption, so do attackers in their innovation.

Network boundaries are slowly vanishing, making identity the new security perimeter that needs protection. Identity analytics is the process of using AI and ML technologies and crunching identity-related data to generate actionable insights. Identity analytics tools evaluate risk based on identity-related information received from multiple sources.

ManageEngine AD360 gathers data on what users are doing across the company over a long period before establishing a baseline of normal activities unique to each user. It establishes strict access controls to ensure security across on-premises and cloud applications from a centralized console.

Here's how AD360 addresses some of the top identity analytics use cases

  • Anomaly detection
  • Dormant accounts cleanup
  • Risk-based authentication
  • Insider threat detection

Anomaly detection

  • Identify suspicious user activities, such as an unusually high volume of events carried out at unusual times. Identify the source and reason behind every failed logon attempt and find user accounts with the highest percentages of logon failures.
  • Define alert profiles based on metrics like a user's activity count and time and define rules where the current data is compared with the previously generated data. Trigger alerts whenever the real-time data deviates from the previous pattern.
  • Track file deletions, unauthorized file changes, and anomalous surges in file access attempts with a wide range of reports on anomalous file activities.
Learn More

Dormant accounts cleanup

  • Minimize the risk of inactive accounts being compromised or misused by checking for stale user accounts periodically.
  • Fetch a broad range of reports that collect data on the last logons, users who have never logged on, users who have not logged on recently, inactive users, and more.
  • Automate disabling inactive accounts, moving them to another OU, and deleting them altogether.

Risk-based authentication

  • Assess the probability of account compromise from a user's logon based on factors like their device type, time of access, IP address, or geolocation. Ensure only authorized users have access to enterprise applications.
  • Automatically step up security for risky logons by prompting additional authentication factors.
  • Gain a consolidated view of users' unusual logon activities from the preconfigured reports and allow administrators to apply effective authentication procedures, thereby reducing the possibility of unauthorized users gaining access to sensitive data.

Insider threat detection

  • Audit privilege use and view reports on critical events like password resets, user management, and privilege escalation.
  • Detect indicators of lateral movement, like unordinary remote desktop activity and the execution of new processes.
  • Enable alerts that trigger when a user accidentally lands on a suspicious website and executes a malicious executable that might initiate a ransomware attack. Detect and shut down the infected machine and prevent it from spreading further.

Highlights of AI-driven identity analytics in AD360

  •   Monitor remote
    access to hosts
  •   Detect critical activities
    with instant alerts
  •   Streamline insider
    threat detection
  •   Manage inactive
    users
Monitor remote access to hosts
1

Get instant alerts when a host is accessed remotely for the first time.

 
Detect critical activities with instant alerts
1

Get instantly notified via email and SMS of critical activities such as file deletions.

2

Execute scripts to automate response actions, like shutting down a device or disabling an account.

 
Streamline insider threat detection
1

Establish user activity patterns and spot subtle anomalies.

 
Manage inactive users
1

When you want to configure a sequence of tasks that should be executed at prespecified intervals, you can create an automation policy and implement it on the Automation tab.

 

With AD360's AI-driven identity analytics, you can

 
  • Recognize unusual user behavior that may indicate a potential attack.
  • Enhance security by adding multiple layers of verification when an unusual user pattern is detected.
  • Detect potential insider threats and automatically notify concerned personnel.
  • Improve the overall productivity and efficiency of the work environment by automating the cleanup process.
  • Satisfy compliance audits with over 1,000 preconfigured reports while you monitor access to crucial data.

Implement identity-based access controls with AD360

Download the free trial