Observations from ObserveIT

Congrats to iPad Winner, Todd LeBloch!

Amy Marion — Mon, 20 Feb 2012 12:30:11 +0000

Congratulation to our first Apple® iPad® 2.0 contest winner, Todd LeBloch. To get entered in the raffle, all Todd did had to do was schedule a 15min product demo for himself at two of his colleagues, then answer a short (5 question) product feedback survey.

The next drawing will be held on Friday, March 30th. To be entered, please send us an email and schedule a 15 minute product demonstration.

RSA Conference Sneak-Peak: CA Session Recording – See it now!

Brad Young — Mon, 13 Feb 2012 11:15:49 +0000

The RSA Conference is coming up soon! We’ll be there, as part of the CA Technologies booth, unveiling the latest in our groundbreaking Session Recording integration with CA.

Want a sneak preview? Can’t make it to SF? Join us for this sneak-peak webinar! On Tuesday Feb 14, you’ll learn highlight how it is surprisingly easy to get video replay logs of every user action, directly from within the full CA Access Control platform.

You’ll see how to:
- Capture detailed user activity logs, including video recordings of every user action
- Address regulatory challenges, including PCI Requirement 10
- Leverage even more of the CA Access Control to improve security for remote vendor logins

BTW… Have you seen what 100+ customers are saying about Session Recording on LinkedIn? Here’s a few highlights:

“The product is outstanding. Trust and be able to verify is essential.” – Dell
“When we saw the product kept its promises, we deployed it to all of our server farm. Nowadays compliance is really a challenge. ObserveIT transforms the challenge into a success story.” – ING
“When you have it in production, you see how smart product is. Small product details can solve bigger issues.” – Siemens
“This is an essential tool. I highly recommend this for Monitoring and Auditing.” – TESCO

How to stop Identity Theft at its source

Brad Young — Tue, 31 Jan 2012 09:36:50 +0000

There are lots of tools and procedures that we arm our users with to protect their identity. (ex: Two Factor Authentication, Password complexity and reset rules, etc.)

But once an identity is stolen, no tools can really identify or track the incident. The responsibility for detection lies entirely on the security officer. Why? Because “That’s the way we always did it!” With identity theft running rampant, this is just plain dangerous thinking.

Why can’t we bring the user into the responsibility loop???

Consider credit card fraud, as an analogy: How does Visa/MC/Amex capture fraud? (Hint: It’s not from fancy fraud detection security software.) The vast majority of detection is from the simple feedback loop when cardholders inform about unauthorized purchases. (i.e. Your grandma and a telephone is the ultimate fraud protection tool!)

We must do the same in IT. Identity theft incidents can be detected and neutralized much quicker if we would just give users a way to flag unauthorized logins. After all, the only person who knows what a user did is the user himself/herself!

Let’s stop doing it the old way, just cuz that’s how we always did it. Let your users be your scouts. Your grandma will be very proud of you.

Version 5.6 is coming soon!

Brad Young — Sun, 29 Jan 2012 09:42:51 +0000

We’re packing lots of great new features into the upcoming release. ObserveIT Enterprise v5.6 includes many new levels of protection. The most noteworthy new capability is a groundbreaking solution for catching incidents of identity theft, which lets you turn your thousands of users into your security detection network. Read more about it here.

v5.6 also brings live-session messaging and remote locking, more functionality in our policy messaging module, even deeper self-auditing mechanisms and added archiving functionality.

Full details can be found here.

Want to get Early Availability release later this month? Send an email to our Product Manager: danny -at- observeit.com

Fujitsu and ObserveIT expand activity in Hong Kong and Macau

Brad Young — Fri, 20 Jan 2012 18:58:05 +0000

We’re excited about our partnership with Fujitsu in HK and Macau… Fujitsu has a lot of expertise in cloud deployments and security in the region. Learn more about it on the Fujitsu site here.

Learn the 5 top options for Unix/Linux user auditing (Guest author Cyril Plisko)

Brad Young — Wed, 11 Jan 2012 12:35:03 +0000

Unix expert Cyril Plisko of the The Grigale Group recently published a great whitepaper highlighting the most common methods used for auditing Unix/Linux users.

It’s a great read, and includes lots of actionable tips and tricks on how to get more out of well known tools such as screen, script, sudo, auditd and more.

Get the whitepaper here.

By the way, Cyril also hosted a webinar series on this subject. You can catch the live recordings here (Linux) and here (Solaris) .

Do you use RSA enVision? Get the ObserveIT Connector!

Brad Young — Sun, 01 Jan 2012 11:10:10 +0000

Big news for our customers who also use RSA enVison… And for the entire RSA enVision user base…

RSA/EMC has recently published an official “enVision Ready” integration package for adding ObserveIT user activity logs to enVision. With this, you can see all the rich details of ObserveIT’s user activity monitoring platform straight from within enVision’s reporting and dashboard environment.

You can get the integration package on the RSA Solution Gallery here or download the PDF guide doc here.

We’ve been working hard with the RSA engineers to get this up and running, and we’re proud to see it go live. If you have any questions or want to dig deeper than the content on the RSA site, feel free to follow up with Ilan Sharoni, our own integration-meister here at ObserveIT. Ping him here: ilan “at” observeit.com, he’ll be glad to walk you through it.

Citrix-Ready Certification for ObserveIT Enterprise

Brad Young — Tue, 20 Dec 2011 10:29:31 +0000

Many of our customers have long been using ObserveIT to capture user activity within published applications on Citrix XenApp servers. Based on this high volume of usage, Citrix and ObserveIT have worked to certify the ObserveIT auditing platform as Citrix Ready.

We are especially happy to add this sign of approval, because it helps many Citrix customers who don’t have a full Platinum edition deployment, but want to be able to capture user activity audit logs. (Only the platinum edition of Citrix XenApp has built-in user audit recording.)

More info here: http://www.citrix.com/ready/partners/observeit

Event – Onsight’s Winter Market, Netherlands

amiryampel — Sun, 18 Dec 2011 09:11:19 +0000

Onsight, ObserveIT’s partner in the Netherlands held an innovative event in a casual Christmas atmosphere. ObserveIT had the opportunity to have informal discussion with over 100 of Onsight’s customers, all of them are security and compliance professionals from top companies in the Netherlands. The Winter Market was held at The Farm in the Brasserie Sonsbeekpark in Arnhem. The outside terrace was covered with a tent and heaters ensured a comfortable temperature. ObserveIT together with a few leading vendors such as Checkpoint, Fortinet, Websense and RSA – gave nice winter presents to the customers, each of the customers who came to claim the presents was given a product overview.

Special Webinar Series: Reviewing the security audit options for Linux and Solaris (Guest speaker Cyril Plisko)

Amy Marion — Thu, 08 Dec 2011 14:46:21 +0000

Unix expert Cyril Plisko of the The Grigale Group will host this webinar series, in which he’ll dive into the wide variety of system auditing options available to security managers today. On the December 13th webinar, he will focus on how to audit and monitor Linux platforms. He’ll then follow this up on December 20th with a review of Solaris auditing capabilities.

In each webinar, Cyril will cover distro capabilities, FOSS utilities and commercial products, adding valuable tips and tricks for each option.

*** Update *** Did you miss the live webinar? You can catch the recordings here (Linux) and here (Solaris) .