Insider Threat Software Architecture
Our insider threat software captures data with the option to record user sessions in real time so you can detect insider threats faster. Get immediate value and full protection with our lightweight architecture, rapid deployment, and customizable web dashboards.
ObserveIT has four major components:
1. Lightweight Agents
ObserveIT’s software agents monitor and capture key data about insider threats. ObserveIT records user sessions (including screen, mouse, and keyboard activity, as well as local and remote logins) and transmits captured data to the application server in real time.
- Easy to deploy and manage (silent install, no reboots)
- Minimal footprint and no impact on performance
- Ultra-efficient data storage
2. Web Dashboard
ObserveIT’s web-based dashboard serves as the primary interface point for your organization. ObserveIT enables you to detect insider threats, investigate anomalies, educate and deter users, and protect privacy. The easy-to-use dashboard also helps satisfy compliance requirements and integrate with other security and logging tools as needed.
- User-friendly design
- Easy-to-configure alerts
- Textual records of user activity
- Session recording and playback
- Valuable analytics and reporting
3. Application Server
ObserveIT’s application server collects data from agents and delivers it to your web dashboard. The application server not only communicates actively with our agents, but also delivers configuration updates, monitors system health, and archives data. It can also be used to generate reports.
- Highly scalable
- Deploys quickly
- Small footprint
- Optimized for virtualization
4. SQL Database
ObserveIT employs Microsoft SQL Server for data storage. This way, we are able to receive data transmitted by agents, encrypt it, analyze it, and generate relevant alerts seamlessly. ObserveIT can also be configured to store video replay screenshots in file system storage.
With ultra-efficient data storage, ObserveIT uses SQL Server to store:
- User analytics data
- User activity metadata
- Application & configuration data