Network administrators and others with high-privileged access accounts hold vast access rights and other powerful capabilities. All these attributes make these accounts both prone to internal account abuse and also a prime target for social engineering and other credential theft techniques. In the hands of a rogue insider, or a malicious outsider, privileged accounts can be used to access and exfiltrate sensitive information stealthily.
Administrators must frequently access sensitive data and perform high-risk tasks. This makes it very complex and difficult to determine if their actions are legitimate or not, or if an imposter has obtained their credentials, making account abuse more likely.
Fortscale’s advanced user behavior analytics provide comprehensive and context-aware intelligence regarding activities associated with privileged-access accounts. Fortscale detects suspicious behaviors, such as anomalous accesses to sensitive resources, which are not consistent with the user’s normal behavior. It can also detect a previously unknown device when it begins to access sensitive systems, which may indicate that an external malicious user has obtained credentials to privileged-access accounts.