IDECSI delivers cutting edge technology
and engages all employees in effective,
cost-efficient cyber security
Continuous real-time analysis of data – access logs, admin logs, configuration objects – machine learning, behavioral analysis, individualized protection, context management and real-time alerting, SIEM and SIRP integration.
Intelligent, application aware security.
Continuous update of the risks.
What are the possible attack vectors against your email platform? Against your collaboration tools or against your proprietary applications? What potentially dangerous actions can be taken by someone with your password , or by your IT administrator, or by someone with their credentials?
With the IDECSI platform, you can detect unauthorized access or malicious operations without being an expert in the secured applications, and without a long and expensive configuration project. IDECSI is natively preconfigured with a risk repository specific to each protected application. Each operation performed is verified. If the operation is potentially dangerous, it immediately triggers our real-time analysis processing. Therefore, the IDECSI platform is immediately operational.
The IDECSI risk repositories are constantly updated to provide up-to-date security throughout the life of the protected application.
Personalized protection, unique for
each user – no false positives
For each application and for each protected user the IDECSI platform collects the relevant information – access logs, administration logs, configuration objects. This data is analyzed in real time by our big data platform using our optimized algorithms.
For each protected user and resource, the IDECSI platform combines machine learning and behavior analysis to generate individual protection profiles. Each person benefits from personalized protection based on their mode of operation.
In addition, the IDECSI platform provides a summary of the user’s configuration in easy‑to‑understand, non-technical language. This can be validated by the individuals concerned.
3 stages of continuous risk analysis
with real-time alerting
The IDECSI platform continuously collects millions of logs and objects generated by the protected applications.
Each action is analyzed against the application’s risk repository to determine if it is potentially dangerous. If so, the second stage of analysis is activated.
The IDECSI platform checks whether the operation performed is legitimate. Does it match the profile of the protected person or resource? Are the user, the access mode, the origin of the access, and the behavior displayed consistent ? If any of the criteria do not match, an alert is immediately generated. If all criteria are consistent, the IDECSI platform activates the third stage of analysis.
The IDECSI platform verifies that each operation is possible in the context in which it occurs. For example, if your email is accessed from London at 10:45 and SharePoint from New York at 10:52, the platform will alert.
This third stage of intelligent analysis is essential and is one of the ways in which IDECSI identifies password theft.
Whether your applications are located within your network, in the cloud or both, the IDECSI platform can provide full protection. It analyzes the information provided by each protected application and a single console manages the security of all applications.
Who knows best whether a new connected device is valid?
Or whether a forwarding rule is expected or malicious?
Or whether the requested file sharing is acceptable? Ultimately, the owner of the account knows whether an action is genuine or unauthorized.
IDECSI ensures the user can provide this essential information. The platform provides realtime notification to the owner of any suspicious configuration change or access from a new user, allowing the owner to validate that the operation is legitimate.
This notification is provided by an application downloaded to their device, or by SMS or email. The notifications are configurable and only those the use cases determined by the security team are communicated to users.
The IDECSI platform sends non-technical information in user-friendly language. Upon receipt, the user can respond via the smartphone application or the user website and communicate directly to the security team regards the validity or the danger of the action.
Hybrid architecture allowing native integration
with SIEM or SIRP
The IDECSI platform can enhance and optimize your central analysis tools, whether SIEM or SIRP.
Information managed by IDECSI, including alerts and notifications, can be sent to the SIEM or SIRP in native format, taking advantage of the integration mechanisms they provide.
Since the SIEM and SIRP are by nature protected and are typically not accessible from outside the network, the IDECSI connector deployed within your environment can receive data from the IDECSI cloud platform, transform it into native format and send to the SIEM or SIRP using the interfaces provided.