User Activity Monitoring Features

Read what people say are the most valuable features of the solutions they use.
SVP Insider Threat at a financial services firm with 10,001+ employees
The machine-learning algorithms are the most valuable feature because they're able to identify the "needle in the haystack." Also, the solution's behavior analytics in terms of detecting cyber and insider threats is fairly good. View full review »
Edward Ruprecht says in a Securonix Security Analytics review
Lead Cyber Security Engineer at a insurance company with 1,001-5,000 employees
* The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed. * There's also a feature called Data Insights which allows us to create different dashboards on specific things of interest for us. * Finally, there is Spotter. Spotter allows us to search and investigate different events of interest for us. In terms of behavior analytics, we're using cyber more than insider threats. With UEBA being a relatively new space when we looked at it close to two years ago, we were concerned about how well it worked and whether they were truly behavioral-based rules or if that was just marketing terminology for the "latest greatest system." But it exceeds what our initial expectations were for being able to detect different cyber threats. We're doing a lot around the network firewall and endpoint detection for rare process connections, rare network connections, etc. View full review »
Director of Intellectual Property Protection at a pharma/biotech company with 1,001-5,000 employees
There are a number of things that are very useful. What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at. The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to go through, using Microsoft Excel and a couple of other methods, to bring data together. The third feature is the ability to create watch lists that highlight specific predefined events in a separate window - or widget, as they call it. If I want to highlight something of interest without changing the risk score, or affecting any of the threat or risk models that we have in place, I can create a watch list. It moves those events to an area where an analyst will see them, first thing, without changing any scores or any other manipulation of data. I can highlight events that way. View full review »
reviewer990891 says in a CyberArk PAS review
Information Technology Specialist (Contract role) at a tech services company with 10,001+ employees
* OTP * Session recording * Auditing * It takes away all ambiguity around "known" admin accounts. View full review »
Rodney Dapilmoto says in a CyberArk PAS review
Systems Admin Analyst 3 at CPS Energy
The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task. Using the PSMP (Privileged Session Manager Proxy) makes it extremely convenient for UNIX Administrators to utilize their favorite SSH client software (i.e. SecureCRT or Putty) to connect to a privileged target without having to go through the PVWA web login. View full review »
EricVermaat says in a Cisco CMX Analytics review
Managing Director/Co-Owner at
The most valuable features of this solution are occupation calculation and IoT solutions. View full review »
Chief Technology Officer at a tech vendor with 51-200 employees
When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases. Our number-two criterion comes from the fact that we are a cloud-first company, so we needed a solution that would work in the cloud and work with the cloud. Working in the cloud means it would be a service, a SaaS offering. And working with the cloud means it would integrate with our cloud applications and monitor our cloud environment. Their product was the most-ready SaaS product in the industry. The solution's cloud-monitoring functionality is the only thing we use, because we are a cloud company. Our Office is Office 365, our HR system is BambooHR. Everything we use is hosted in the cloud. So cloud monitoring is the number-one use case for us. In addition to those applications, the solution monitors Salesforce, which our sales team uses, Concur, which is our time and expense system, and it monitors our own application that we use for providing service to our customers. And finally, it monitors our AWS environment. They have done a great job building the API-based connectors so they can automatically pull data from these applications. They have packaged use-cases that they provide us and, in certain applications, those use-cases are still a work in progress. But I feel confident that the content they have is good and they're improving on it continuously. There's a lot of development that happens on the cloud front. For example, Office365 changes every three months. Cloud applications are new so there's a lot that goes on with these applications. So vendors have to keep updating their content to align with where the cloud application is. Securonix is doing a good job of staying abreast with the latest and greatest developments on the cloud-vendor side and updating their content. A lot of their competition is very poor. We had QRadar in our environment but it couldn't even connect to Office365. From there to where we are today, it's a huge improvement. View full review »
Leader - Investigations, Insider Threat at a tech services company with 1,001-5,000 employees
The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case. The solution's behavior analytics, in detecting cyber and insider threats, are good. The tool does what it's supposed to, as long as the data coming in is accurate. View full review »
CEO/Executive Director at Iconic Engines
One of the most valuable features it has is the threat chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before. It also has the ability to detect low and slow stuff. Whenever we've had any dormant issues or dormant malware - dormant processes which get executed much later - it has tremendously helped us with that. View full review »
IT Project Manager at a manufacturing company with 10,001+ employees
The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects, files from either the engineering or the homegrown application. It's very easy to see people's patterns, what they typically do. The system might identify somebody who is engaging in anomalous behavior. Especially with the product's rev 6, there are a lot of tools to go in and do investigations, even without talking to the person, to try to determine what were they doing. Is it a case that they normally don't do something but this looks like a legitimate action, or is it something we need to investigate? That is pretty neat. View full review »
reviewer1052523 says in a CyberArk PAS review
User with 10,001+ employees
Automatic password management based on a strong password policy. Because still, many people choose not strong enough passwords for administrative accounts. View full review »
Sumit-Srivastava says in a CyberArk PAS review
Associate Vice President & Head of Apps Support at a tech services company with 10,001+ employees
The features that we find most valuable are: * Enterprise Password Vault * Privilege Session Manager * Application Manager * Team Manager These modules help us in locking down the credentials, rotating passwords automatically without us having to worry about it, isolation of servers from the user machine and availability of privileged session recordings for us to check on demand. View full review »
Maarten22 says in a CyberArk PAS review
User at a comms service provider with 10,001+ employees
The two main features are the CPM and the PSM. This is to make sure that the credentials are managed in a controlled manner and the sessions that are launched are set up in an isolated way. View full review »
reviewer991878 says in a CyberArk PAS review
Senior IT Security Engineer at a insurance company with 5,001-10,000 employees
The vaulting technology as well as the privileged session management: Having the vaulting tech ensures that the credentials are secure, and PSM ensures that the end user can perform needed tasks without knowing or needing the credentials. View full review »
reviewer990912 says in a CyberArk PAS review
Senior Manager - Privileged Access Management at a tech services company with 10,001+ employees
Shared-service accounts reducing the number of potential entry points as well as the ability to standardise our PAM across a diverse estate. View full review »
reviewer990921 says in a CyberArk PAS review
IT Support Specialist / Project Lead at a energy/utilities company with 10,001+ employees
* The visibility of what is being run and control of those applications. * Limiting the unnecessary application users think they need, and producing security vulnerabilities. View full review »
identity989526 says in a CyberArk PAS review
Identity and Access Management Analyst at a financial services firm with 1,001-5,000 employees
There are several features we've found valuable. We're auto-discovering our new Windows servers, we're managing root in our Unix environment, and now we're pushing for SA password rotation this year. View full review »
Je’rid Mccormick says in a CyberArk PAS review
Associate Engineer I at a insurance company with 5,001-10,000 employees
AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials. Hard-coded credentials are a risk to organizations as they are easy for attackers to target. Therefore less hard-coded credentials increase the security stance of the enterprise. View full review »
reviewer990873 says in a CyberArk PAS review
Information Security Engineer at a international affairs institute with 1,001-5,000 employees
The most valuable features for us are the AIM and PSM because they helped us by reducing the number of secrets floating around. View full review »
reviewer990891 says in a CyberArk PAS review
Information Technology Specialist (Contract role) at a tech services company with 10,001+ employees
* Recordings * Exclusive use, and * OTP. There can be no ambiguity: An account can only be in use by one single known user, and they have no knowledge of the password. View full review »
José Luis Llorente Rey says in a CyberArk PAS review
Senior Specialist Identity System Support at a consultancy with 10,001+ employees
* Master policy: allows us to establish a security baseline for our privileged accounts. * CPM: allows us to rotate passwords following the policy defined. * PSM: allows us to provide isolated sessions to the customer with additional controls (real-time monitoring, session isolation, and session recording). View full review »
reviewer988578 says in a CyberArk PAS review
Snr Technical Consultant at a tech services company with 10,001+ employees
Reducing the number of “admin” accounts by utilizing accounts that can be used by individuals with the same role, but only one at a time. When the accounts have been used, its password is changed (to something a user would have had to write down) before being made available for reuse. The passwords which are hidden from the users are not known, and thus can be long and complex, while only being used for a session before being changed. View full review »
Gautam Mishra says in a CyberArk PAS review
IT Analyst at a tech services company with 10,001+ employees
We can be connected to the target system and the PSM component comes into play. In addition, a true asset is the recordings the solution keeps. View full review »
HimanshuPandey says in a CyberArk PAS review
Lead Consultant at a tech services company with 10,001+ employees
I really like the PTA (Privileged Threat Analytics). I find this the best feature. View full review »
Varun_Sahu says in a CyberArk PAS review
Senior Associate at a consultancy with 10,001+ employees
The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out. It also provides flexibility and a comprehensive reporting. In terms of reporting, it can pull up to three types of reports and you can do some Excel work on those. Then, you will be able to find information that you were looking for. It is is the reporting by-laws, as well. Apart from this, it also has a lot of advanced components. It can extend the picture at the end of the productive scope. View full review »
Sign Up with Email