Quickly Detect and Automatically Stop Threats - CPTRAX for Windows

Threat Challenge

Threats to your data from malware, malicious insiders and advanced persistent threats (APTs) can easily go undetected until it is too late. Without the right tools, security teams cannot detect these threats without going through raw logs, a very time-consuming task. Some tools provide better reporting than the raw logs but are unable to stop the threat without manual intervention which can take a long time while damage is continuing.

Threat Solution

CPTRAX for Windows provides reporting of the events affecting your data including sending emails based on pattern alerts/threats. CPTRAX for Windows, based on these pattern alerts, can also quickly and automatically stop threats to your Windows servers by calling PowerShell scripts so you can determine exactly what you want to have happen for each type of alert/threat.

Detect Threats To Your Servers

CPTRAX for Windows allows you to define a pattern alert which could be a threat to your Windows servers. Define the alert by number of events during a specified interval. Can be based on unique combination of Perpetrator (user, computer other object), IP Address or Object Affected (username, Active Directory object, GPO or file system object).

Examples of threats:

Ransomware behavior
Password spraying
Mass file deletions
Multiple file opens denied
Multiple file renames in a short period of time
Attempted unauthorized access to sensitive data
File or folder mass permission changes
Multiple failed logons in a short period of time
Active Directory mass deletion of Users or Groups
Active Directory mass password changes

Automatically Stop Threats

CPTRAX for Windows can automatically and immediately call one or more customer written PowerShell scripts based on a pre-defined Pattern Alert and take appropriate action to contain the threat and prevent further damage.