This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.
Open House • Learn how you can grow your career with us! • May 15 • 3:00–6:00 p.m. • Merrimack, NH

Bitdefender Corp. 1YR XDR Sensor Identity-R 50-99U

Print page
Item#: 41648365 // MFG Part#: 3119ZZBSR120CLZZ // By: Bitdefender
NOTE: Images may not be exact; please check specifications.
  • In Stock
  • Virtual delivery

Detect, discover, hunt, and respond across your organization

Ordering Information
  • Comprehensive visibility with easy to deploy and manage sensors that collect data from across the organization
  • Rapid response for complete incident containment executed directly from within the XDR Platform
  • Out-of-the-box automated detection and triage of alerts based on correlation and detection algorithms
GravityZone XDR analyzes and detects attacks across an organization's infrastructure and applications with more accurate detection and rapid response. Covering systems, productivity applications, cloud workloads, identities, and networks, GravityZone XDR helps security teams focus on the key areas being targeted by cybercriminals. Providing analytics and rich security context for correlation of disparate alerts, quick triage of incidents, and attack containment through automated and guided response. All without burdening the security teams with unnecessary alert fatigue - delivered from a single, intuitive management console.

The Identity Security is a critical component in enabling greater cyber resilience. Identifying suspicious authentication activity for applications, DevOps tools, databases, systems, cloud environments, and other critical resources helps prevent or mitigate the potential damage of a cyber-attack. Once the Identity Sensor is connected to Active Directory, it detects activity associated with attacks that attempt to use compromised accounts, tokens, and objects. This includes not only end user accounts but system and API accounts.

The Identity Sensor detects attacks targeting the Kerberos network authentication protocol. Among the detections supported is the ability to detect when a Kerberos login is used to perform brute-force attacks against a system. During a brute-force attack, the malicious actor attempts to use rapidly generated passwords or encryption keys to gain system access. The sensor also detects additional Kerberos-related activities including use of stolen Kerberos tickets to move laterally across a network, requesting tickets with weak encryption - a common sign of malicious intent - and replay attacks. Replay attacks involve stealing packets from the network to forward them to a service or application.

The Identity Sensor also recognizes suspicious logins after a brute-force attack has been detected. The sensor identifies when an attacker registers a rogue Active Directory Domain Controller and uses it to inject malicious objects on other domain controllers within the same Active Directory infrastructure. It identifies when an attacker performs various activities on an Active Directory object and authenticates to remote systems using stolen credentials.

The powerful detection component of the GravityZone XDR Identity Sensor is complemented by capabilities that enable security teams to take meaningful action; for example, security teams can disable an Active Directory account or force a password reset directly from the GravityZone management console.
15