Veriato  Formerly  known  as  spectorsoft-logo       Learn More

features

Veriato Features


See what works best for you

Veriato Product Comparison
Veriato Recon Integration
Veriato Features Data Collector

Product Comparison

Which solution is right for you? Our side-by-side product comparison can help you decide.
Click Here

Recon Integration

Our innovative user behavior analytics solution offers some unique and powerful benefits.
Learn More

Data Collector

Veriato solutions use a data collector refined over 18 years, and deployed on millions of endpoints, to provide a level of visibility and context that other solutions simply don’t match.

Screen Capture & Playback

Veriato’s screen capture records everything on a monitored computer’s screen. You define how frequently you wish to capture the screen, from the default of every 30 seconds to as often as every second.

 

In addition to regularly defined intervals, triggers can be used to initiate screen capture or to accelerate the interval at which captures occur.

export

Export

Screen snapshots can be exported as individual BMP or JPG graphic files. Multiple snapshots can be exported together as an AVI video file.

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Investigator - Workplace Investigations Veriato Investigator

Play it back, like your DVR

Reviewing activity is as easy as watching a show on a DVR. There is no more powerful, clear, and context-rich way to review activity. You may have thousands of screenshots for an individual user, but finding the one you are looking for is very easy. When viewing a recorded event you can easily navigate automatically to the screenshot that was taken closest to the time of the recorded event. Or, if you prefer, you can browse all of the screenshots in chronological order, with a navigation bar allowing you to go to any point in time quickly and easily.

File & Document Tracking

With Document Tracking enabled, you are able to track specific USB, CD, and DVD drives. See when new files are created and when existing files are edited, renamed or deleted. You can also track print operations.

If you are not 100% sure you have the visibility you need into & Document Tracking is the answer.

File & Document Tracking is commonly used as a compliment to records needed when conducting incident response or investigations related to insider-driven leaks, breaches, or theft.

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Investigator - Workplace Investigations Veriato Investigator
files

Email Recording

Having a system of record that reflects all of the communications activity in the most widely used medium is critically important when conducting an investigation. Veriato Email Recording records traditional email clients (Outlook/POP/SMTP/IMAP) as well as many popular webmail services. From, To, Subject, CC, BCC, and Web Mail Host columns are sortable, and all content is searchable (Veriato 360 allows for search across all employee emails simultaneously). Keyword and phrase alerting can be combined with email recording to ensure critical information is not being moved in an unsecure manner. Attachments are captured for traditional email client activity.

See behind encryption

Because Veriato Investigator records at the employee’s computer, even email sent behind SSL encryption is visible, ensuring you see every email.

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Investigator - Workplace Investigations Veriato Investigator

Alerting

Veriato solutions alert you when events or anomalies occur that you need to know about. Recon anomaly alerts let you know when someone’s behavior has changed in a way that suggests they are engaged in potentially harmful activities like data exfiltration, while keyword-based alerts can help detect both security and policy violations. 360’s client-side alerting is instant, works both on and off network, and can be used as a trigger to accelerate screen capture. 360’s server-side alerting scans all data collected, matching selected criteria and event types to provide actionable information.

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Recon - Behavior Analytics Veriato Recon

Website Activity

Website activity – With Active/Focus/Total times recorded, you get a true understanding of not just how long a user had the website open, but how much time was spent engaged with the site. Traditional web monitors, such as proxy servers, firewalls, etc. are able to often tell how long a website was open, but aren’t able to determine how much time the user was actually on the site because they just watch the traffic itself. For example, if you opened Facebook in the morning and left it minimized all day, you’d see traffic on your firewall or proxy server all day as the feed got refreshed and so forth. However, that doesn’t mean that the user was using the site.

Significantly more sophisticated than browser history, Veriato Website Activity records and maintains information about web activity including:

Additional Media:

video-ph video-ph video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Investigator - Workplace Investigations Veriato Investigator
website-activity-lg
keyboard-lg

Keystroke Logging

This powerful option enables the capture of every keystroke, including “hidden” characters and keystroke combinations. Enabling keystroke logging on highly privileged users ensures complete visibility into the actions of those with the greatest levels of access within your organization. When used in conjunction with Keyword alerting and Screen Capture, you can quickly zero in on potential issues and see exactly what occurred, in context. Keystrokes are associated with the application that they were typed into. For instance, it would show you that the keystrokes weren’t just typed by “user”, but they were typed into Outlook or Skype.

 

Passwords or not…your choice

Don't want to accidentally obtain the passwords for their employee's personal accounts? Veriato solutions can be configured to not capture passwords, enhancing employee privacy.

Additional Media:

video-ph video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Investigator - Workplace Investigations Veriato Investigator

Threat Anomaly Detection

An attacker, no matter how sophisticated, will deviate from established behavioral patterns. Using a combination of powerful algorithms and machine learning, Veriato Recon learns what normal behaviors look like in your organization, and detects meaningful anomalies that suggest a threat to your critical data and systems. Organizations that do not implement focused detection efforts are highly vulnerable to damaging insider attacks. Recon’s Anomaly Detection provides actionable information critical to preventing damaging incidents, is easily tuned to provide the right signal-to-noise ratio for your team, and provides needed security without locking things down so tightly that productivity is hindered.

 

Additional Media:

video-ph

This Feature is Available in:

Veriato Recon - Behavior Analytics Veriato Recon

Reports

The Reports feature enables the creation of professional quality management reports that provide insight into how employees are using the resources they have been provided. More than 50 prepackaged reports are printing or sharing via email. “Top 10” reports are very popular with customers, offering rapid insight into things like application usage, document tracking, file transfers, online searches, and more. Reports can be scheduled for regular delivery or run ad-hoc. Reports can be configured with corporate logos or watermarks if desired, and are exportable to PDF, HTML, etc.

 

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360

Global Search

The Veriato 360 Dashboard allows you to search for key words, phrases, filenames, file paths, or other strings within activities (such as email) or across all recorded activity. This powerful ability to find critical data points across the communications and online fabric of your organization insures that you are never left unable to answer the question “what happened.” In addition, it allows for a backward look at things you did not know were significant when they occurred. For example, communications activity that you were not alerting on can be located quickly and easily, providing invaluable assistance during incident response and investigations.

 

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
quick-view-lg

Quick View

Quick View panels provide a high-level view of aggregated data. Quick View charts are action-oriented, allowing events of interest to be immediately explored through click and drill-down capability.

More than 100 charts are pre-configured and available for use, and users have the ability to create custom Quick View panels and charts based on criteria you define, for a single user or for groups of users based on your needs.

Quick View panels are often used by customers to discover activity they were unaware was occurring, and to identify outlier activity that exceeds what is acceptable within their organization.

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
chat-im

Chat & IM

Veriato watches chat and instant messaging in nearly every web chat room or messaging client. It can capture everything said by each person joining the conversation. A single Chat/IM Event includes conversation segments by all participants.

Chat/IM Recording reveals:

  • A trail of communication that otherwise might be lost
  • How the organization is being represented to outsiders
  • If confidential information is being leaked
  • Proof of compliance or non-compliance with regulation
  • Inappropriate behavior, harassment
  • Who spends too much time in personal conversations

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360
Veriato Investigator - Workplace Investigations Veriato Investigator

Psycholinguistic Indicators

Psycholinguistics is the study of how humans acquire, use and understand language.  By establishing baselines on how people use language, insights into an individual’s mindset can be gained.  

Algorithms measure the tone and intensity of communication, and changes in patterns of word usage that psycholinguistic studies have shown to be indicative of disgruntlement (a common precursor to insider attacks) or even that an insider is engaged in attack related behaviors that may not yet been detected by other means.  

Veriato Recon includes baselining and anomaly detection using psycholinguistic indicators, adding a powerful detection capability that using the information hidden in the communications fabric an organization.

This Feature is Available in:

Veriato Recon - Behavior Analytics Veriato Recon

Technical indicators

The ways people interact with resources and information shift when an insider begins to attacks.  The deviations from established patterns are easy to miss, unless you are looking for them.

Veriato Recon is designed to watch for these deviations - technical indicators of possible attack.  

There are many technical indicators associated with data ex-filtration.  A key component of a successful data protection strategy includes behavioral analytic focused on these types of indicators, including:

•    Changes in outbound data transfers
•    Changes in file activity
•    Changes in print habits
•    Changes in use of portable and cloud storage

This Feature is Available in:

Veriato Recon - Behavior Analytics Veriato Recon

Baselining & Tuning

baselining-tuning

In order to effectively detect, prioritize, and respond to insider threats, you need the historical metric, the baseline, of what constitutes normal behavior within your organization.  
 
Veriato Recon automatically builds and maintains baselines for you by watching user activity and applying data science and machine learning. As soon as it is installed, Veriato Recon begins collecting and analyzing activities relevant to user behaviors and the entities they use.  During the first 20 days, the system is learning.  It is processing day-to-day variations and discovering each individual’s “normal” patterns.  It is beginning to form peer groups based solely on behavioral characteristics. It is gaining the ability to calculate moving averages for any organizational group.

After the initial period, anomaly detection can reliably begin.  However, because “normal” is a moving target, the machine learning doesn’t stop. Baselining continues in 30-day shifts:  assessing levels, interpreting communication, accounting for new activity, self-correcting where needed, and generating weekly anomaly reports.

Meanwhile, all you did was choose and enable the type of anomaly alerting you want.
 
An alert threshold – to you, a simple “sensitivity” slider - is based on optimal standard deviation values, defining how extreme an anomaly will trigger the alert. When detected behavior falls outside the set threshold, you receive notification with enough information to effectively investigate, prioritize, and respond.

This Feature is Available in:

Veriato Recon - Behavior Analytics Veriato Recon

Application Activity

Veriato captures information about every application and every window opened by a user, every day.

Program Activity recording reveals:

  • When and how long employees are actively using productivity applications
  • Which productivity applications are preferred
  • How much time is wasted on games or frivolous applications
  • Who is using "malicious programs" that put network security at risk
  • Someone attempting to hack into secure areas using malicious tools
  • Someone using unapproved or illegally acquired applications
  • Someone gaining access to applications and files who should not

Additional Media:

video-ph video-ph video-ph video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360 Veriato Investigator - Workplace Investigations Veriato Investigator

Network Activity

Network activity recording allows you to see which applications are connecting to the Internet, when and where the connections are made, the IP ports they use, and the amount of network bandwidth consumed by those connections.

Network activity reveals:

  • Who is accessing streaming audio/video, online gaming, or other resource drains
  • When connections occur, at which ports, and the bandwidth consumed
  • Violations of Acceptable Use Policy regarding media consumption and downloads
  • Which applications make unnecessary or suspicious connections to the Internet
  • Internet transactions not be captured by Files Transferred, Program Activity, or Web Sites Visited recording

Veriato automatically watches network connections, which may be made by the user or by an application.

Additional Media:

video-ph

This Feature is Available in:

Veriato 360 - Monitoring Software Veriato 360 Veriato Investigator - Workplace Investigations Veriato Investigator

Third Party Integration

User Activity data can, and should, be ingested into other solutions to support more customized reporting needs, and for aggregation and correlation with solutions like SIEMs to provide greater insight into potential security problems. Direct integrations with Splunk and Arcsight, an export utility that allows detailed user activity data to be exported in numerous formats, including syslog, and an API that enables a DBA to access raw recorded data to create reports beyond the prepackaged reports available are options supported to ensure you not only have the data you need, but you can use it where it makes the most impact and sense.