Intellinx offers a new dimension for internal auditors by providing unparalleled visibility into end user activity within corporate systems. The system continuously records the activity of all end-users (both business users and IT users) through sniffing of network traffic and enables you to visually replay all user activity screen by screen.
The system generates a detailed audit trail which allows a cross-platform Google-like search. This allows an auditor to easily search for all users who accessed a specific account number in a specific timeframe, receive a list of user sessions and select any of them for visual replay. One of the challenges that the system allows auditors to overcome is the lack of detailed information in application log files, e.g. many systems record only update transactions, so that user queries are not included in log file, although they are essential for investigating cases of data theft and insider fraud.
The system also provides an analytic engine which tracks user behavior patterns, generating alerts on exceptions in real-time or batch, allowing the internal auditor to immediately zoom-in on specific suspects.
With Intellinx, Auditors can:
- Stop struggling to piece together incomplete data on scattered enterprise systems in order to create a complete audit trail of certain events – as Intellinx provides the required information across multiple systems through one simple query screen.
- Enhance the reliability and effectiveness of audits by reducing the need for data sampling – as the Intellinx analytic engine can identify specific events required for audit by analyzing all user activity.
- Gather clear and legally actionable forensic evidence—even months or years after the audited event occurred.
Intellinx Features for the Auditor:
- Unparalleled Visibility to end-user activity – Complete visibility into end-user activity is provided by visual replay of every screen and keystroke and client/server message in every application across all major platforms including, Mainframe, IBM System i, Web, UNIX, Client/Server, and more. All actions are visible, including update and read-only actions. All types of end-users are tracked including privileged end-users such as System Administrators and Database Administrators that may pose higher risks.
- Complete Audit Trail – Intellinx records full user activity 24×7, which is crucial for making end-users accountable for their actions. Regardless of whether appropriate detection rules are in place at the time of an event, post-event replay enables forensic investigation at a later time.
- Cross Platform Search including Legacy – Intellinx provides a unique solution for tracking user activity across all major platforms including mainframe, IBM System i, Web, UNIX, Client/Server and more. It allows you to search for any specific value displayed on any user screen across multiple platforms from one simple query screen. The Intellinx rules track cross-platform business processes. For example, a business process tracked by Intellinx may begin on a mainframe, continue in a client-server application and end on the web.
- User Behavior Tracking at the Application Level – Intellinx is the only solution on the market that records and reconstructs user screens as well as the business transactions and queries performed by the user. Intellinx rules track all user keystrokes and the flow of screens accessed by the user, detecting the relevant business process including each field value accessed or updated. This information is correlated in real-time with the activity of other end-users, with previous activity and other types of information generating alerts on suspicious behavior in near real-time.
- Enhanced Alert and Case Manager – With Intellinx’s enhanced ready-to-use Alert and Case Manager, ROI begins immediately. Shortly after the rapid installation, the system provides the user with a rich set of investigational functionalities including dashboards, configurable displays, link analysis, and more. The Alert and Case Manager provides a simple way to manage and track ongoing investigations as you work.
- Immediate Business Value – Immediately following a rapid installation process, Intellinx begins capturing all cross-enterprise user activity. Security officers can immediately search for all user screens and organizations begin benefitting from Intellinx without delay, avoiding time-consuming integration with the organization’s systems and with application-related configurations.