VitalSigns Detective Features
When bad guys are legitimate users, nothing keeps them out. You need pro-active measures on the INSIDE.
Record every screen displayed, every keystroke made, every message sent.
Replay every detail for trouble diagnosis, response-time analysis, regulatory compliance, and, when necessary, prosecution.
Search VitalSigns Detective records for specific time spans, display headings, user IDs, field names, field values.
Download our VitalSigns Detective brochure
VitalSigns Detective Specifications
VitalSigns Detective works silently. It does not consume host-machine resources. Users don’t know it’s there.
VitalSigns Detective can send you immediate alerts when user activity exceeds defined thresholds.
Trust VitalSigns Detective for prevention, analytics, alerts, investigations.
For applications on IBM mainframes and I-series servers, VitalSigns Detective records every screen accessed and every user keystroke.
VitalSigns Detective is based on Intellinx software, a Gartner Magic Quadrant Leader.
VitalSigns Detective resides on a Windows, Unix, or Linux Server and sniffs network traffic through hubs.
It does not require any software installation on host or client.
It does not require any change at all to legacy applications.
VitalSigns Detective is the new standard for auditing, fraud detection, and real-time security.
- Look for transactions by user Suspicious13.
- Get immediate alerts regarding cash transfers exceeding $50,000.
- Offer customers new products based on their current requests.
- Report daily on all traffic after close of business.
- Sound alarms when the system sees suspicious attempts to match names with account numbers.
Support your compliance efforts. Pass audits with forensic evidence.
Compliance with government regulations is a special challenge when critical processes rely on legacy systems. Applications developed 10+ years ago do not have the controls that more recent regulations require. And modifying those applications to insert controls requires long effort and hard-to-find skills. VitalSigns Detective is a unique and simple solution: It does not install on application hosts or clients. It does require changing a single line of legacy code.
VitalSigns Detective makes it easy to comply with the legal reporting requirements of…
- Basel II
According to the Sarbanes-Oxley Act (SOX), executives and auditors of public companies must validate the accuracy and integrity of their financial reports. Section 404 of the act specifically requires those companies to track financial processes.
Financial tracking relies on a multitude of data sources: purchasing, payroll, inventory, human resources, accounts payable, accounts receivable, and many others. Tracking controls need to monitor all of them.
VitalSigns Detective provides that broad and thorough tracking, even for legacy applications. Every screen that users see and every key they press is recorded. The result is a complete audit trail for all users and corporate systems. Privileged users get monitored just the same as customers.
You can configure VitalSigns Detective to analyze tracking data according to rules you specify, and to search for patterns you specify. That helps you spot malicious users, fraudulent log-ons, and suspicious activity.
The Gramm-Leach-Bliley Act (GLBA) specifies strict guidelines regarding companies’ use of their clients’ private financial information. And the Federal Financial Institutions Examination Council (FFIEC) provides detailed guidelines for evaluating the security of an enterprise.
“Logging and Data Collection,” in the FFIEC’s Information Security Handbook (December, 2002), defines standards for audit trails and logs to be retained for later review. It says, “Generally, logs should capture source identification information; session ID; terminal ID; and the date, time, and the nature of the access attempt, service request, or process.”
The challenge for organizations seeking to comply with Gramm-Leach-Bliley is that legacy applications typically log only transactions that change, insert, or delete data. They do not log anything else, like simple reading and display of data. But reading the data is clearly significant to a security audit.
VitalSigns Detective solves the problem with detailed records showing every time a field was read.
According to the HIPAA Security Rule, healthcare organizations must “Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information” (Section 164.312).
So healthcare organizations face the daunting task of inserting logging mechanisms into hundreds of legacy applications, or changing current mechanisms to record every action, not just changes to databases.
VitalSigns Detective solves the problem with detailed records showing every time a field was read; every screen that users see; and every key that users press. It provides a complete audit trail for all users and corporate systems. Thus VitalSigns Detective fulfills HIPAA’s demand for complete records of user access to private health information.
You can also configure VitalSigns Detective to analyze tracking data according to rules you specify, and to search for patterns you specify. That helps you spot malicious users, fraudulent log-ons, and other suspicious activity.
The Basel II Accord requires financial institutions to specifically measure operational risk; i.e. their risk of “direct or indirect loss resulting from inadequate or failed internal processes, people and systems or from external events.” In particular, the accord says to measure the dangers of the following:
- Internal Fraud
- External fraud
- Products and business practices
- Damage to physical assets
- Business disruption and system failures
- Execution, delivery and process management
VitalSigns Detective provides a unique and easily implemented defense against such risks. User’s can configure VitalSigns Detective to spot suspicious patterns and provide immediate alerts to system administrators. Auditors can search records for the actions of specific users, or transactions involving specific data fields. Network managers can use VitalSigns Detective to give them real-time alerts regarding response times and other system-performance measures.