Forcepoint introduces Dynamic User Protection

Forcepoint today announced the introduction of Dynamic User Protection that redefines modern user activity monitoring (UAM) and insider threat protection with the industry’s first cloud-native solution to deliver out-of-the-box functionality with no policy configuration. Through this capability, security teams are now empowered with real-time visibility into true risk behaviours of compromised and malicious users within hybrid cloud environments.

With Dynamic User Protection, user activity monitoring not only becomes easy-to-deploy it also brings mainstream enterprise access to continuous risk assessment across security control points.

“In this next phase of cybersecurity, managing risk across the cloud, network and endpoint will drive everything. With Dynamic User Protection, Forcepoint is changing the rules of the cybersecurity game by delivering global enterprises the ability to automatically enforce security policy across all control points tailored to a specific end-user based on the risk they represent,” said Nico Popp, Chief Product Officer at Forcepoint. “Dynamic User Protection is the heart of our new converged cloud security platform with integration into Forcepoint Data Loss Prevention available today with future integration planned across the entirety of the Forcepoint portfolio, including our recently announced Cloud Security Gateway SASE solution which will be delivered in first-quarter 2021. This is the true power of human-centric cybersecurity realized today and it is powerful for every organization that desires the ability to prevent a data breach before it can occur.”

Dynamic User Protection utilizes Indicators of Behavior (IoB) as the real-time analytics engine to determine the overall risk of an entity. These IoBs deliver security teams context around behaviours and by combining multiple behaviours determines true risk scores that assess overall risk of an entity as good and/or bad. With this capability, enterprises can now prioritize observed risk in real-time to move left of breach while also reducing security friction.

Delivered in an easy-to-consume SaaS model, Dynamic User Protection is fast and easy to deploy with a small 30MB footprint on the endpoint that installs in under 30 seconds with no reboot required. Utilizing Forcepoint’s unified agent, Dynamic User Protection is also self-maintaining through auto-updates ensuring enterprises have an always easy-to-manage cloud-delivered UAM.

Dynamic User Protection key features at-a-glance include;
Autopilot: pre-configured user risk assessment that continuously collects, enriches and correlates events on the endpoint in order to detect anomalous behaviour.
Anomaly Detection: sets of observed data establish an entity’s baseline activity for specific applications and actions; and, observed data are analyzed with the anomaly detection engine to identify outlier behaviours and alert to real-time security risk.
De-centralized Analytics: performed on the endpoint versus the centralized approach with traditional UAM/Insider Threat solutions
Risk Calculation: continuous assessment of entity activity and risk impact generates a dynamic risk score that goes up and down based on the level of risk
Risk-Adaptive Policy Enforcement: based on the risk score, risk-adaptive DLP policies automate security response based on the level of risk. Enforcement options include: Audit, Block, Notify, Confirm Prompt, Encrypt and Drop Email Attachment.