User Activity Alerts and Notifications
While being non-intrusive passive user monitoring solution, Ekran System provides real-time suspicious user activity alert system to enable quick incident response.
User action alerts are fully customizable. You can configure any number of different rules to trigger real-time notifications using such parameters:
- User names;
- Application names;
- Window titles (including e.g. folder or file names);
- Visited URLs;
- Types and groups of connected USB devices.
- Entered commands and / or parameters (for Linux Clients).
Right after an alert is triggered, selected specialists from your security personnel get email notification with all alerted event details as well as the direct link to the corresponding video log of an episode. Such user activity monitoring notifications allow your incident response team timely detect and quickly analyze an issue to take adequate response measures.
In particular, if user session is still running, security specialist can quickly analyze the situation in real time by viewing live video feed and block the user if the activity has been considered dangerous. Configuring USB device alert settings, you will be able to block certain devices automatically as soon as they are connected.
Besides as-it-happens user activity monitoring notifications, Ekran System software provides a special suspicious user activity alert report containing details on all triggered alerts for a specified period of time. Thus you can analyze, audit, and cross-check incident response actions.
Combining powerful user activity monitoring and alerting functionality, Ekran System remains the most cost-effective solution on the market with the flexible subscription model.