SentinelOne

Careful control of administrator rights is the very foundation of IT security; when users have widespread administrator rights, this opens the network to a variety of security risks. However, this issue can be easily mitigated because users do not need to have full administrator rights to accomplish daily tasks. Additionally, privileged users should have access restricted to tasks related to their role/responsibilities only. Viewfinity controls privilege elevation rights for applications and systems which require elevated permissions, eliminating the need to give users administrator rights.


Viewfinity Privilege Management offers granular-level control for managing least privilege environments by providing elevation of privileges for applications running on Windows endpoints and servers. Our privilege control for data extends to privilege management policies that control permissions by elevating or reducing privileges/permissions on folders, files and shares.

 

Benefits Features
Reduces an organization’s attack surface against threats
such as malware, advanced persistent threats, and zero-day
attacks by allowing for admin rights to be removed.
Trusted Sources offers flexible methods for creating broad
coverage policies to handle more than 90% of applications
requiring elevated privileges.
Integrates with threat detection technologies to bridge the
gap between network and endpoint security, further
securing your infrastructure.
Discovery & Audit of applications requiring admin rights
provides in-depth knowledge of your environment before
admin rights are removed.
Customizable control and flexible end-user experience
provides the optimal security vs efficiency balance.
Forensic Analysis and File Origin Tracking provide
comprehensive information (who, where, when, how) about
suspicious behavior. This information can be shared directly
with network threat detection technologies.
Visibility and support for remote workforce enables
organizations to maintain its stringent security posture for
mobile users.
Flexible privilege elevation rules allows for granular control
of administrative rights for applications, scripts and COM
objects

 

Superior End-User Experience

Viewfinity offers unparalleled end-user experience with a solution that strives to provide the optimal balance between comprehensive security and minimal end-user disruption. Our solution enables organizations to seamlessly roll-out the product, automate IT admin operations and fluidly manage end-user privileges, all while reducing security risks within the environment.

 

 

 

 

Customizable Viewfinity Dashboard
The completely customizable Viewfinity Dashboard provides a quick view into the operations and status of company policies and assets. Along with this core competency, we provide tracking and auditing of all administrative activities and elevated privilege policies across an organization’s entire infrastructure, from Windows-based endpoints to servers, virtual machines, cloud/ SaaS and remote based endpoints.

 

 

 

 

 

 

Getting Started:


1. Discovery and Audit
Viewfinity provides comprehensive discovery and audit tools giving IT administrators the ability to identify important information regarding an enterprise’s environment. To start with, Viewfinity identifies those applications requiring administrator rights as well as which users in your environment have admin rights. This knowledge collects privilege elevation needs and then intelligently aggregates similar privilege requirements. This results in ~90% of policies being created up front, providing a smooth transition to least privileges. Managing policies is easy using our Inbox-style GUI.


2. Trusted Sources
Privilege elevation is automatically granted for those applications which actually require elevated privileges if the installation origination or application is trusted. The following Trusted Sources are supported: Software Distributors, Updaters, Network Location, Installation Package, Publisher, Product, User/Group, OS image and more.

 

Controlling administrator rights is manageable, easy and non-disruptive via Viewfinity Trusted Sources Methodology:

* Numbers are approximate based on best practices; every deployment is unique to the company environment.

 

3. Flexible Elevation
Viewfinity elevates, in real-time, administrative rights for certain processes or applications rather than at the user account level. When permissions are raised, the elevation is performed directly within the security token of the specific user process. The application or process is started using the current user credentials as opposed to using RUN AS which needs the Administrative account in order to raise privileges. The RUN AS method potentially introduces security risks and issues for changes that are written into current user registry. 

 

Threat Detection Integration


Viewfinity utilizes forensic analysis and continuous application monitoring to aid in the investigation of security breaches and identifies information related to malicious files. Our forensic analysis keeps track of the source and the entire footprint of all applications, while our application monitoring offers visibility into your server and desktop environments by continuously monitoring and observing on several levels. This information is cross referenced with network security sandboxes and firewalls, reputation database services, and SIEM in order to accelerate detection, incident response and remediation efforts. File DNA capabilities provide powerful insights into who, where, when and how a suspicious executable was introduced into an environment. Powerful remediation capabilities identify bad files on all PCs, allowing you to quickly pinpoint which devices require attention.

 

Watch the video:

 

 

For more information, click on the link below to download a PDF of the company and product overview. 

View/Download Privilege Management Overview 

View/Download Viewfinity Overview