WIXLIB

Netwrix AuditorKnow Your Data. Protect What Matters.www.netwrix.com

01Product OverviewNetwrix Auditor PlatformNetwrix Auditor is an agentless data security platform that empowers organizations to accurately identifysensitive, regulated and mission-critical information and apply access controls consistently, regardless of wherethe information is stored. It enables them to minimize the risk of data breaches and ensure regulatorycompliance by proactively reducing the exposure of sensitive data and promptly detecting policy violations andsuspicious user behavior.IdentifyUnderstand which dataneeds protection and howexposed it is.ProtectMinimize the risk of a databreach.DetectPromptly detect datasecurity threats.RespondMake faster and moreinformed incident responsedecisions.RecoverFacilitate the recoveryof key data and learnfrom past incidents.ComplyAchieve and proveregulatory compliance.

02BenefitsUnderstand which data needs protection and how exposed it isIdentify and classify sensitive data, both structured and unstructured, and data and infrastructure risks that mightendanger its security.Minimize the risk of a data breachSee who has access to what and proactively remediate the overexposure of sensitive, regulated andmission-critical data.Promptly detect data security threatsSpot abnormal user behavior and policy violations that threaten data security.Make faster and more informed incident response decisionsReduce mean time to respond to data security threats and contain incidents.Facilitate the recovery of key data and learn from past incidentsReview comprehensive details about how a security incident happened and what data was affected.Achieve and prove regulatory complianceProactively assess the effectiveness of your data security controls and prove your compliance to auditors withhard evidence.

03Understand which data needs protectionand how exposed it isPrioritize the security ofsensitive data acrossmultiple data silosClassify and tag both unstructured andstructured data regardless of its location soyou can prioritize the security of sensitiveinformation. Apply security policies consistentlyacross multiple data repositories.Identify overexposedsensitive dataSee which pieces of sensitive dataare most at risk so you can prioritizeremediation of those risks. Discoversensitive information that is exposedto a large number of users without abusiness need or that is stored in anunsecure location.

04Understand which data needs protectionand how exposed it isAssess data and infrastructure security risksIdentify both data and infrastructure security gaps, such as a large number of directly assigned permissions or toomany inactive user accounts. Continuously evaluate these security metrics and focus on what’s most important.

05Minimize the risk of a data breachAutomatically quarantinesensitive data to reducethe risk of a breach or lossIf a sensitive document pops up in anunexpected location, automatically move itto a quarantine area until you can determinewhere it should be stored and who shouldhave access to it.Immediately lock downsensitive data that isoverexposedIf access controls around sensitive data arenot risk-appropriate, automatically removeall rights to read or modify this informationfrom global access groups like Everyone.

06Minimize the risk of a data breachStreamline regular privilege attestationsSee who has access to what sensitive data and how they got that access, and enable data owners to regularly verifythat these rights are in line with business needs. If they aren’t, remove excessive permissions to enforce theleast-privilege principle and keep risk at an acceptable level.

07Minimize the risk of a data breachIncrease the precisionof your DLP solutionDLPsolutionNon-sensitive items tagged by mistakedo not require protection. Optimize yourdata security efforts by increasing theaccuracy of your data loss prevention(DLP) tool using the high-precisionIPPIIGDPRPCIDSSPHIclassification tags written by NetwrixAuditor.Redact sensitiveinformation basedon corporate policyReduce the risk of exposure of confidentialinformation by automatically redactingsensitive content from documents if there’sno business requirement for it to be there.Maintain productivity by keeping the restof the document intact.

08Promptly detect data security threatsEstablish strictaccountability over the useof privileged accountsContinuously monitor the activity ofprivileged users across all systems toensure that they follow internal policiesand don’t abuse their privileges to access,modify or delete sensitive data withoutbeing caught.Stay on top of privilegeescalationDetect any changes to access rights or groupmembership so you can assess whether anypermissions to sensitive data have beenmodified without a legitimate reason. Quicklyrevert any improper changes to reduce risk.

09Promptly detect data security threatsDetect ransomwareattacks in progressGet alerted about signs of possibleransomware activity, such as a largenumber of file modifications in a veryshort period of time. Quickly isolate theuser account responsible to stop theransomware from encrypting all the filesthat account has access to across yournetwork.Keep third-party activityunder close scrutinyCarefully monitor the activity of third-partyuser accounts in any system or application,even if it doesn’t produce any logs,to ensure full accountability. Get notifiedany time a vendor does something outsideof their scope of activity, since theirunauthorized actions could put your dataat risk.

10Promptly detect data security threatsDetect compromised accounts and malicious insidersPromptly detect even subtle signs of possible data security threats in progress, such as unusual logons or usersaccessing sensitive data they haven’t accessed before. Easily identify and investigate the users who pose the mostrisk with an aggregated view of the anomalous activity by each individual.

11Make faster and more informed incidentresponse decisionsStreamline incidentinvestigationQuickly get to the bottom of incidentsinvolving sensitive data: Understandexactly what happened, how it happened,who was behind it and which pieces ofinformation were affected. Use thiscontext to formulate the best possibleresponse to the incident.Reduce the mean time torespondReact to data security threats faster byautomating response to anticipatedincidents. Provide initial incident supportand enable faster, more accurate investigations by integrating Netwrix Auditor intoyour SecOps process.

12Make faster and more informed incidentresponse decisionsDetermine and report the severity of a data breachAnalyze how much data a malicious insider or a compromised account had access to and exactly which pieces ofdata were actually viewed, modified or deleted. Use this information to determine whether you need to reportthe incident and, if necessary, to notify all affected parties and take other appropriate steps.

13Facilitate the recovery of key dataand learn from past incidentsUnderstand the value andsensitivity of data to planinformation recoveryprocessesInventory your data and see where themost sensitive or valuable data islocated. Create information recoveryplans that prioritize the restoration ofthat data.Get back up and runningfaster by prioritizing therecovery of key dataDetermine which sensitive, confidential ormission-critical data was corrupted duringan attack and prioritize its recovery. Seewho had what access to those documentsto get your business users back up andrunning as soon as possible.

14Facilitate the recovery of key dataand learn from past incidentsIncorporate lessons learned into your data security strategyAnalyze exactly how a security incident occurred and use this information to improve your data security strategyand prevent similar incidents in the future.

15Achieve and prove regulatory complianceAssess the effectiveness ofdata security controlsImplement compliance controls acrossyour entire infrastructure and regularlyassess whether they work as intended.If written security policies differ fromwhat’s actually in place, you can fix yourfaulty data security controls beforeauditors discover them.Comply with accessrequestsEasily find all data you store about aparticular data subject when they exercisetheir privacy rights under GDPR, CCPA andother modern regulations. Provide themwith a list of this information or erase itcompletely if they withdraw their consent.

16Achieve and prove regulatory complianceSlash time spent oncompliance preparationand auditsPrepare for the bulk of auditors’requests by taking advantage ofout-of-the-box reports aligned to thecompliance controls of HIPAA/HITECH,PCI DSS, GDPR and other commonregulations.Store and access youraudit trail for yearsKeep your audit trail archived in acompressed format for more than 10 years,as required by many regulations, whileensuring that all audit data can easily beaccessed by authorized users at any time.

17ApplicationsNetwrix Auditor ApplicationsNetwrix Auditor platform includes a broad range of applications that provide a single-pane-of-glass-view of what’sgoing on across both data storages and backbone IT systems. This insight enables organizations to understandwhere sensitive data is located, what the risks around it are and what activity is threatening its security.InfrastructureUnstructured DataStructured DataCloudNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forNetwrix Auditor forActive DirectoryNetwork DevicesWindows ServerVMwareWindows File ServersSharePointEMCNetAppNetwrix Auditor forExchangeSQL ServerOracle DatabaseOffice 365Azure AD

Deployment OptionsOn-premises, virtual or cloud — deploy Netwrix Auditorwherever you need itOn-premisesVirtualCloudFully supported onAvailable in appliances forMicrosoft WindowsVMware and MicrosoftHyper-VFully supported and testedin Microsoft AzureServerWindows ServerFully supported inAWS MarketplaceMicrosoftHyper-VMicrosoft Azure

RESTful API — endless integrationcapabilities for improved data securityand streamlined reportingCentralize auditingand reportingGet the most from yourSIEM investmentAutomateIT workflowsNetwrix Auditor collects activityBy feeding granular audit dataNetwrix Auditor integrates withtrails from any on-premises orinto your HP Arcsight, Splunk,other IT security, compliancecloud applications and stores themIBM QRadar or other SIEMand data management tools,in a secure central repository, readysolutions, Netwrix Auditorthereby automating andfor historic reviews and complianceincrease the signal-to-noiseimproving IT workflowsinquiries.ratio and maximizes SIEM value.and SecOps processes.Visit the Netwrix Auditor Add-on Store at www.netwrix.com/go/add-ons tofind free add-ons built to integrate Netwrix Auditor with your IT ecosystem.

Built for IT environments of all sizes,Netwrix Auditor architecture supportsthe growth of your organizationNonprofit, 150 employeesEducation, 1K employeesHorizon Leisure Centres acceleratesWilliam Woods University uses Netwrixdata classification to ensure the securityAuditor to reduce risk of data exposureof sensitive data and comply with GDPR.and improve security posture.Government, 3,8K employeesEnergy, 5,8K employeesJohnson County in Kansas streamlinesPike Electric troubleshoots securitydetection and investigation of suspiciousissues faster and ensures businessevents with Netwrix Auditor.continuity using Netwrix Auditor.