How It Works
ResponSight is an enterprise risk profiling solution that ingests user telemetry to analyse risk across the entire organisation. Unlike Endpoint Detection and Response (EDR) or User and Endpoint Behavioural Analytics (UEBA), ResponSight does not rely on potentially private or sensitive information that might be divulged by the user or “heavy” endpoint technologies to assess risk. As a result, ResponSight is lightweight and goes unnoticed by the user – there’s no dock icon or application interface, and no support headaches for your team.
ResponSight comprises three key elements – the ResponSight Collector that gathers the metrics and telemetry; the ResponSight Aggregator that bundles and manages data delivery to 3rd party solutions and the ResponSight Cloud Service that does all of the heavy lifting and performs the analytics for enterprise risk profiling.
Metrics and Data
Only telemetry and statistical metrics are collected – no “rich” data, so there is no private or sensitive data collected at all. Light weight collection means no user or network performance impacts
ResponSight Collector currently supports Windows 7, 8 and 10, and MacOS Sierra and High Sierra. Nothing is visible to the user, so there is no help desk overhead either.
How is it Secured?
Get better visibility of the endpoint whilst supporting your BYOD workforce. ResponSight increases your oversight of risk outside the corporate network without impact to the user.
The ResponSight Aggregator acts as “traffic cop” – Collectors deliver data bundles, and integration to 3rd party solutions (such as SIEMs) occurs here. Reporting dashboards are delivered here)
3rd party technology and solution integrations ensure you enhance the value of your existing investments. SIEM, data lakes, ticketing systems, and incident response systems are all possible through APIs
How is it Delivered?
The ResponSight Aggregator is a virtual machine – lightweight (less than 1Gb) and low performance requirements (less than a VDI), the Aggregator does not require much to deliver the required outcomes
Metrics and Data
What We Collect
ResponSight has been designed specifically to address the new problems incurred when deployment security and risk technologies – how do enterprises get the required outcomes without actually creating another target for attack? Security and risk technologies currently collect too much data that is often not required, and may not even be valid anyway.
ResponSight technology collects numerical, mathematical and statistical data about how the endpoint is used. By combining large volumes of raw numerical telemetry and selected metrics, it’s possible to build activity and behaviour profiles about users and their laptops, without ever knowing who that user is or what that laptop is.
ResponSight is always happy to show enterprises the raw data we collect – we’ll never hide behind any claims of “proprietary IP”, it’s your data and you’re welcome to see it (even if it is basically meaningless numbers to anyone but us!)
Why We're Different
ResponSight was born out of frustration with most current approaches to security and risk:
- “big iron” technologies that require excessive access and trust inside organisations;
- solutions that collect too much “rich” data that may not even be reliable and often is not even required to achieve the desired outcome; and
- security and risk offerings that become the targets for attack themselves, as a direct result of the design decisions relating to the above
The ResponSight approach to security and risk is definitely harder – we’ve spent over 2 years just in R&D, building our IP. As a result, our approach and design is intended to ensure we’re not a vector for attack into the enterprise; that we won’t have any private or sensitive data stored on our systems that could be targeted for attack; and that ultimately we can profile enterprise risk as actionable intelligence for boards and executives to set useful priorities