FREQUENTLY ASKED QUESTIONS
Does ResponSight technology collect any personal information?
Absolutely not! ResponSight technology collects numerical, mathematical and statistical data about how the endpoint is used. A couple of examples:
- ResponSight can detect when a browser is opened, but does not capture specific details of the users’ activity inside the browser;
- ResponSight has visibility of process names and paths, but this data is hashed or encrypted before delivery to our cloud service, so even non-sensitive information is protected to ensure sensitive information is not inadvertently disclosed.
The key to identifying changes in risk is based on being able to tell when someone else (an attacker, or a piece of malware) is controlling the endpoint. It is not easy for an attacker to replicate days/weeks/months of security profile analysis to mimic the real endpoint user in a short period of time, and that’s the trigger for changes in risk and how potential security breaches can be initially identified.
Will ResponSight detect all security breaches?
No, it is not possible for ResponSight (or any security technology) to detect all security breaches, despite the claims being made in the market. ResponSight is different because it focuses on endpoint behavioural activity as a way to measure increases in risk, rather than traditional detection methods using signatures or logging. The goal is to shorten the detection timeframe, and provide timely and accurate alerts for security administrators and incident responders to action. Setting priorities for investigation allows your expensive skilled people to focus where they’re needed most.
So ResponSight is just another UEBA (User and Entity Behaviour Analytics) technology?
Although ResponSight does share some common capabilities, many UEBA technologies are gathering their behaviour data from log data, or centralised SIEM repositories. Such data is rarely complete, and often out of sequence. ResponSight collects data at the endpoint, as close to the actual user as possible. Our behavioural analytics is tightly linked to the actual user, rather than just a loose association through distant logging alone.
Will ResponSight block attackers?
ResponSight is a monitoring (detective) technology, rather than a blocking (preventative) technology. ResponSight is designed to work with your existing blocking technology, so your previous investments can be better leveraged to increase effectiveness.
Does ResponSight integrate with other security technologies?
In most cases, yes. We’re developing API’s and data feeds to provide quality data to Security Incident and Event Monitoring (SIEM) and various Threat Intelligence and analytics engines.
How does ResponSight licensing and pricing work?
ResponSight is licensed very simply – one low rate per endpoint, per month. The larger the organisation, the lower the per endpoint rate. Please get in touch to discuss your specific requirements