Why InSight?

According to recent findings from IDC:

“Two-thirds of loss cases involved data the organization did not know was present.”
“67% of regulated or sensitive data resides outside the data center.”
“Accidental exposure of PII accounts for more losses than stolen or lost hardware.”

Simply put, enterprises frequently fail in their information risk management practices because they are unable to maintain an awareness of where their sensitive data resides or how exposed it becomes once outside of the data center. NetWitness InSight changes that reality.

NetWitness InSight simplifies information risk management by combining data discovery, configuration analysis and vulnerability assessment in a single, easy-to-use solution. For the first time, public and private sector organizations can deploy one technology and obtain reliable risk metrics containing the locations of sensitive, regulated and proprietary information and the level of exposure to that data. InSight puts enterprises firmly in the know and removes the uncertainty and doubt from the IT risk equation.

InSight provides three critically important functions for public and private sector IT professionals.

  • Fast and accurate identification of sensitive, proprietary and regulated data on host systems
  • Assessment of the likelihood of exploitation of the systems on which critical data resides
  • Automated prioritization and execution of risk remediation efforts on the most exposed critical data

InSight simplifies the process of IT risk evaluation and remediation through automated risk scoring and centralized remediation functionality. InSight’s unique, patent-pending approach focuses the efforts of IT, security, compliance and audit staff on the data most at risk within the enterprise – aiding IT risk management, operational security, incident response, e-discovery and compliance activities.

How InSight Works:

Distributed, Automated and Extensible Data Discovery:

InSight’s unique data discovery engine quickly scours systems (Windows, Linux and others) – whether client or server – identifying sensitive, proprietary and regulated information. InSight’s data discovery engine is faster and more accurate than other solutions available in the market, performing a level of structural file analysis unavailable in content management tools today. InSight even supports undefined file formats, providing an extensible technology platform that identifies the types, volumes and combinations of data elements across enterprise servers and workstations.

Assessment of Exposure

InSight concurrently assesses the likelihood of exploitation of the hosts it examines. To determine the security condition of the host, InSight combines five key assurance measures using industry standards and best practices.

  • Vulnerability Assessment – Evaluation of vulnerabilities present on the system using the Common Vulnerabilities and Exposures (CVE) standard.
  • Security Configuration – Assessment of the security configuration of the system using the Common Configuration Enumeration (CCE) standard.
  • Usage Profile – Analysis of the usage profile of the system, including information about processes, services, open connections and other usage metrics.
  • Malware / Computer State – Search for indications and warnings of malicious code using known signatures and by identifying new or changed executable content, signs of code obfuscation and other methods of compromise.
  • Compliance – Verification against generally accepted standards using the Extensible Configuration Checklist Description Format (XCCDF).

Risk Scoring and Prioritization

Once InSight has inventoried the information on the host and determined its level of exposure, InSight uses a patent-pending model to assign a risk score to each host. The InSight Risk Score is determined by both the impact of potential data loss and the likelihood of exploitation. The resulting metrics permit IT, security, audit, and compliance staff to prioritize IT risk remediation activities.

Centralized Remediation

In both workstation and server deployments, InSight can perform automated data-centric remediation, giving IT and security staff maximum flexibility regarding the manner in which the organization will handle remediation tasks.

Reporting and Information

InSight is designed by security, audit and forensics professionals with decades of experience. It automates the data collection necessary for reporting high-risk problem areas, assists in continuous policy and compliance verification, supports the incident response process, and provides a valuable tool for fraud and digital investigation, and e-Discovery. InSight bridges the knowledge gap between security, audit and compliance teams by providing the commonly requested detailed reporting and trending information all three areas require to fulfill their respective reporting and operational responsibilities.

“At the host-security level, security staffs still struggle to create a sensible and measurable data protection strategy that prioritizes security program activity according to the highest risk to the enterprise. The NetWitness InSight model provides an opportunity for organizations to discover where their sensitive data reside, and which assets are most likely to be compromised.”

Michael Monticello, Principal Analyst – Enterprise Management Associates (EMA)

Product Features:

  • Objective and defendable metrics-based risk model that concurrently calculates impact and probability of data loss
  • High-performance and low-impact IT risk assessment engine
  • Modular, standards-based, extensible architecture
  • Supports Microsoft Windows and Linux-based operating systems for both server and workstation platforms
  • Centralized and local data remediation options
  • Risk trending and reporting

Deployment:

NetWitness InSight is licensed per host, and requires InSight Server for data management and reporting. InSight clients deploy via standard desktop management practices to support periodic audits or continuous IT risk monitoring. InSight client/server communications can be configured and scheduled to meet any corporate policy. In addition, InSight can be integrated with NetWitness NextGen™ products to provide network-based context to information at risk.

Screenshots:


The NetWitness InSight dashboard and user interface provide authorized users interactive navigation, centralized and local remediation options, and numerous risk reporting perspectives. InSight administrators can easily configure and manage InSight clients to provide reliable, risk prioritized metrics regarding the IT assets creating the most risk. In addition, InSight offers extensive reporting at all levels of detail for distribution to audit teams, IT and security staff, and non-IT management.

        

Appliance specifications:

  • NWA-400-16s
  • Interface: two copper Ethernet 100/1000
  • Storage: 2TB total redundant
  • Rack Unit: 1U; 17.2”d x 25.6”h x 1.7”w
  • Power: single 560W, 120/240
  • Weight: 38lbs

Minimum system requirements:

NetWitness recommends the following minimum hardware requirements for NetWitness InSight:

Client Software

  • Windows XP/2003/Vista 32/64-bit or Red Hat/Fedora
  • 15MB Disk Space
  • Network Connectivity to InSight Server

Server Software

  • Windows 2003
  • Microsoft SQL 2005
  • 4GB Storage
  • 4GB RAM


Call 703-889-8950 or contact sales@netwitness.com for more information about NetWitness® Investigator and other NetWitness NextGen™ products.


