Obsidian Security Platform

Protect. Detect. Respond.

Critical business email, collaboration, sales, and marketing are moving to SaaS. User and service accounts are always on, always reachable targets. Oversharing of data and excessive privileges increase company risk. Disparate and disconnected systems are burdensome to evaluate and monitor. The cloud is driving speed, agility, and innovation, but how can you advance your mission while mitigating risk?

• Security Operations. Need to be able to detect breaches and threats quickly, and protect users and data.
• Incident Response. Need rich consolidated context across SaaS apps to investigate and respond to incidents.
• Threat Hunting. Need to proactively hunt for emerging undetected threats and suspicious behavior.

Deep Integrations With Cloud Services

Obsidian has built deep integrations with leading SaaS and IaaS services, built on a comprehensive understanding of each service’s model of roles and permissions, and activity reporting. Obsidian integrates with 100s of APIs across monitored services to construct a rich view of access and activity.

• Access Inventory. Get a comprehensive view of users, accounts, and privileges across all SaaS and IaaS services.
• Posture Assessment. Ensure that your SaaS applications are configured according to best practices.
• Activity Monitoring. Continuously monitor the activities of privileged and non-privileged users and accounts.

Platform Capabilities

Visibility Have a consolidated view of users, data, and applications in the cloud for the first time: Who is using SaaS apps? Should they have access? Are they doing the right thing? You can continuously monitor what users and service accounts are doing and be alerted to threats and hygiene issues.

• Inventory of access and privileges for each service
• Privileged user activity
• Activity monitoring across SaaS applications
• Normalized data model available to download via API

Alerting Get alerted about breaches, risky behavior, and policy violations based on rule-based triggers and machine learning. Discover indicators of SaaS persistence, OAuth token abuse, and other threats. Prioritize and act on the alerts in the Obsidian platform, or leverage integration with SOAR and service management solutions to standardize workflows.

• Built-in rules to alert on risky behavior, policy violations, and anomalous activity
• Machine learning models that flag unexpected or outlier behavior
• Prioritized alerts to reduce alert fatigue for overburdened security teams
• Integrations with SOAR and service management

Reporting Get regular reports with unique insights around application usage, emerging threats and risky behavior, tailored to different roles in the organization. Gather evidence to support incident response efforts, and prove enforcement of user access policies such as separation of duty (SoD) for compliance and governance.

• Reports and dashboards tailored to the needs of different roles in the organization
• Ability to export data in multiple formats

Action Investigate potential breaches and insider threats quickly and efficiently with a single-pane view of user and account activity. Trace lateral movement of individuals by tracing account sharing, or file upload and access history. Stop data exfiltration and account misuse with auto-remediation built into the platform.

• Consolidated activity time stream with rich context to investigate breaches and threats
• Recommended actions to guide response and improvements