Enterprises struggle to understand what is truly going on in their organization: what their users are doing and how to stop risky activity. Add in the complexity of a hybrid cloud environment, multiple legacy systems, unmanaged endpoints, and unsanctioned applications, and it's no wonder organizations struggle to get the insight needed to make real-time decisions and stop risky and potentially malicious activity.
Preempt has always prioritized the need for contextual insight about threats and risk, using that information to enforce conditional MFA to every access attempt so that organizations can get a better grasp on security. In doing so, Preempt has partnered with Ping to give security teams the ability to extend conditional MFA to any network resource as well as any Ping-federated application on-premises or in the cloud.
Many difficult to protect resources such as workstations, servers, or legacy applications can be protected with conditional access without the need for agents. All remediation of risky access attempts are done in real-time, helping reduce burden on the SOC team.
Preempt for Ping Use Cases
Customers who have deployed Preempt for Ping can expect these capabilities:
1. Protect Federated Applications Against Risk
Preempt can trigger MFA adaptively based on changing risk or threat context. Because user credentials are the #1 target for attackers seeking to move laterally and steal or damage assets, Preempt leverages adaptive MFA to provide an essential control critical to stopping the abuse of these compromised credentials. Preempt automatically detects risky behaviors, anomalies in the network, and a wide variety of advanced attacker techniques. When malicious or risky activity is detected, Preempt can then trigger a Ping MFA challenge based on policy or risk score. Watch below:
2. Extend Ping MFA to Any Asset
Preempt can enable PingID multi-factor authentication for virtually any network asset including proprietary and custom systems, servers, workstations, and applications. Essentially any network-level authentication or authorization to the domain controllers can be protected with strong authentication through Preempt without the need for an invasive agent on the host or customization of an application. For example, everything from accessing a workstation over the network to access through a Powershell tool can be protected by Preempt’s delivery of conditional MFA. Watch below:
3. Achieving Visibility Everywhere
Uniquely with Preempt, you can get full visibility of user behavior, risks, and threats both on-premises and in the cloud. This is critical to organizations that want to understand their security posture and all risk in their environment. Not only can you get all of your access attempts in the network visible to you, Preempt combines that insight with all your access attempts in the cloud to truly give you a single pane of glass of your organization’s security health. By breaking down silos and allowing you to get a complete understanding of your risky activity in one central location, you can finally take the actionable steps needed to preempt threats.
Remediating Risk In Real Time
With an easy-to-use management console, Preempt provides a continuous health and risk assessment - revealing password problems, privileged access abuse, stealthy admins, Active Directory (AD) configuration issues, and more — so that you can gain more control over all accounts and enforce real-time remediation of risky activity in your environment. Equipped with threat detection and risk insight, you can now stop potentially malicious activity from happening in your organization. Once the security incident is remediated, the data is incorporated back into Preempt’s cyber logic models to help make smarter decisions on the organization’s risk and threat levels. This way, your organization will always have a dynamic response to any security incident that is occuring — staying one step ahead of the attacker.