<img alt="" src="https://secure.leadforensics.com/110471.png" style="display:none;">

Account Takeover Protection

Identify and remediate compromised accounts, even if the breach happened long ago.




Avanan’s complete visibility leaves nowhere for attackers to hide

By nature, account takeovers are difficult to detect. Since the initial entry-point can be any cloud application, simply monitoring email is not enough. In addition to monitoring email, Avanan analyzes login events and end user activities across every cloud application used by your organization.


Looking for patterns to identify compromised accounts

By collecting numerous real-world incidents of account takeover events, the Avanan event analysis algorithm identifies behavior that can be a sign of malicious behavior or might lead to an insecure configuration. Such patterns include:

  • Logins from new devices, locations, or browsers
  • Suspicious mailbox configurations, such as deleting all incoming mail or forwarding to an outside address
  • Insecure or malicious mail configurations, such as filters, forwards, and secondary accounts.
  • Disabling of multi-factor authentication
  • Suspicious internal emails, often with multiple recipients
  • Multiple password resets in short period of time
  • Changes in contact groupings (BCC, mixed role, unusual relationships)
  • Changes in session characteristics (length, time-of-day, behavior, and applications used)

Once a compromised account is identified, Avanan responds in real-time with effective remedies to lock out the attacker before the damage is done.

OUR SECURITY PARTNERS

 

  • arcsight2
  • checkpoint2
  • FireEye
  • PaloAlto6
  • sophos2
  • Symantec4
  • Lastline2
  • McAfee-logo2
  • Splunk3
  • sandblast5
  • smart-phish3
  • GTB20Technologies
  • gfi3
  • F-Secure_Logo
  • avg4
  • VMRay-wide6
  • ESET_logo5
  • totaldefense
  • Trend-Micro-Logo1
  • AhnLab3

READ THE WHITE PAPER

Cloud Account Takeover

Cloud Account Takeover Cover (shadow)

From the Blog

9 Myths of Account Takeover

Account Takeover Attacks are a nearly invisible tactic for conducting cyber espionage. Because these breaches can take months or years to detect, we are slowly discovering that thi...