Privileged IT user Monitoring

Privileged IT users pose one of the greatest dangers to the organization. With their higher authorizations to access corporate systems and sensitive data, and their use of system and database that are not subject to internal auditing, they can reach the most critical information and use it to their own ends.

Recent surveys show that approximately two-thirds of fraud and identity-theft cases are perpetrated by company employees, including privileged users. The 2012 report of the Association of Certified Fraud Examiners estimates that companies worldwide lose, on average, 5% of their annual revenues to internal fraud. In response, organizations around the world are placing a greater focus on finding solutions to safeguard against insider threat that go beyond perimeter protection

Intellinx Solution for Privileged IT User Monitoring

Intellinx presents a first-of-its-kind, cross-platform surveillance system for unparalleled visibility of privileged IT users in corporate applications across the enterprise. The Intellinx system provides record, replay and search functions of user activity, and proactive detection of suspicious activity, behavior profiling and real-time analytics.

Intellinx can monitor privileged users in different environments:

  • IBM Mainframe (access to TSO, CICS, VTAM through the 3270 protocol)
  • IBM System i (5250 protocol(
  • UNIX and LINUX (VT and SSH protocols(
  • Web applications (HTTP/S protocols(
  • Direct access to databases (Oracle, MS-SQL and DB2)

Intellinx Features

Hold Authorized Users Accountable

Intellinx provides complete visibility into end-user activity with visual replay of every screen, and keystroke in every application across all major platforms. It enables security and fraud officers to know who did what, when and where. The activity of all internal and external end-users is recorded, regular users as well as privileged IT users.

Investigate Suspicious Behavior

Intellinx captures a very detailed field-level audit trail of user activity, with extensive cross-platform search capabilities for user activities. It allows you to search, for example, for all users who accessed an account number during a specific timeframe in any application; then visually replay a certain user’s actions. Investigation can be performed in real-time or post-event.

Respond Now

Intellinx generates real-time alerts that enable instant detection of suspicious behavior and timely response to mitigate damage. Configurable rules track user behavior patterns at the application level and generate alerts on irregularities in real-time.

Prevent and Pre-empt the Next Crime

Intellinx allows you to perform after-the-fact analysis of user behavior by applying new rules to pre-recorded data. Thus, new fraud detection knowledge can be applied to the organization’s pre-recorded information in order to predict and prevent future crimes.

Out-of-the-Box Business Value

Immediately following the rapid installation, Intellinx begins capturing all cross-enterprise user activity. Organizations begin benefiting from Intellinx without delay, with no need for time-consuming integration with any of the organization’s systems or application-related configurations.

No Risk Implementation

  • The Intellinx patented technology intercepts communication between end-users and corporate servers by non-invasively sniffing network transmissions through the network switches. Therefore, Intellinx does not impact performance of hosts or networks in any way.
  • There is no need to install any software or hardware on hosts or clients.
  • Recordings are stored in a highly condensed format, allowing for monitoring tens of thousands of internal end-users within an organization and tens of millions of external users without a major impact on disk space.

The Intellinx Difference

  • Unparalleled Visibility to End-User Activity – End-user activity, including update and read-only actions, becomes transparent with visual replay of every screen, keystroke and flow of screens in applications across all major platforms.
  • Complete Audit Trail -Intellinx records in real-time all user activity 24×7, not only events detected as suspicious. Regardless of whether all appropriate rules are in-place at the time of an event, post-event replay enables forensic investigation at a later time.
  • Cross Platform Search including Legacy – Intellinx enables tracking of user activity and business processes across all major platforms including legacy systems.
  • User Behavior Tracking at the Application Level – Intellinx is the only solution on the market that analyzes user activity at the application level. Intellinx tracks all user keystrokes and screens, detecting the relevant business process, including each field value accessed or updated. This information is correlated in real-time with the activity of other end-users, previous activities and other types of information.