Insider risk detection and response tool

Human error is the leading cause of data breaches

There are various ways employees unintentionally put their organization at risk, including browsing risky websites, downloading malicious files, accessing confidential data through unsecured Wi-Fi networks, or inserting USB sticks containing malware.

How Reveal works

The Reveal Agent is deployed to Windows, macOS, and Linux computers and servers, where it records granular user data from your employees and reports it back to the Reveal Infrastructure for security threat analysis.

The Agent collects and records data regardless of network connection and location, meaning you get full visibility of what your employees are doing whether they’re in the office, working remotely at home, or travelling.

Policies allow you to automate threat detection and response by defining rules for specific user activities and the actions that are taken if these rules are breached.

Reveal offers an extensive number of out-of-the-box and configurable policies that you can customize to align with your IT policies and security needs.

Benefits

With rich contextual knowledge, you get transparency of the behaviors, actions, and intentions surrounding an incident. Follow a user or file across devices and locations to get the insight you need.

By augmenting the operators, you get actionable alerts, so you can detect and resolve incidents in seconds or minutes instead of days or weeks.

Reveal uniquely combines policies and machine learning sensors to detect and stop more insider risks.

Reveal offers both out-of-the-box and configurable policies that you can customize to align with your security and compliance needs. Policies automate threat detection and response by allowing you to define rules for user activities and the actions that are taken if these rules are breached.

Reveal’s breakthrough machine learning capability combines multiple algorithms that monitor user, entity, and network behavior to detect security threats. The machine learning component generates statistically robust models of behavior that are tailored to each individual in an organization and achieve better predictive performance.

Track file movement on and across systems and browsers with advanced content inspection to protect against data loss. Reveal Agents can inspect files for credit or debit card numbers, identity card numbers, insurance numbers, social security numbers, national health service numbers and more.

With Reveal, employees receive incident-based training that enforces your IT Security Policy and Acceptable Use Policy to align your employees. The instant feedback loop provides effective, time-efficient and affordable security awareness training.

Halt suspicious activity by performing actions on computers. With Reveal,you can isolate devices from the network, lock out user sessions, take screenshots, display messages, block uploads, and kill processes to protect your organization.

Policies are enforced regardless of whether your employees are online, meaning that you can protect your data and devices at all times. This is especially helpful when someone is trying to circumvent security measures.

Reveal ensures incidents are investigated and managed objectively while maintaining user privacy.

Providing anonymization and pseudonymization data masking techniques, Reveal conceals identifying user information so incidents can be analyzed impartially and data protection laws are adhered to.

Understand and transform your security posture with interactive policy violation reporting. The policy reports page lets you view high- and low-level policy sensor data, so you can assess the effectiveness of your existing security controls and identify areas for improvement.

Boost your team’s threat hunting tailored to your specific needs at a fraction of hiring costs with our full-service analysts.

Easily manage information security risk and compliance

Manage your information security risks within acceptable levels. Prevent data loss or theft of intellectual property, personal data, and financial documents to protect your livelihood and competitive advantage in the market. Ensure compliance with PII, GDPR, NIST, and more while increasing your employees’ security awareness without taking them away from their job with on-screen messages to help train the staff. All included in one tool.

Improve company-wide security posture and reporting to upper management

Make your organization’s static IT security policy come to life. With incident-based training and real-time, on-screen messages, you can educate employees to lower the risk of data breaches and ensure compliance without taking them away from their job. Reveal’s cloud-hosted solution is simple to buy, install, and maintain–while reducing overhead. With all features and out-of-the-box protection included, get up and running in no time. Automatic reports help communicate IT security priorities to Management.

Digitally enforce signed contracts and protect IP

Make an impact by working together with IT to protect and equip employees in a cost-efficient and effective manner to meet compliance needs. Raising security awareness reduces risks related to negligent and accidental behavior. Digitally enforce signed documents, such as AUP, ISP, and IP deeds. For off-boarding of staff, take a proactive approach to employees leaving in protecting company intellectual property.

Integrations

Microsoft 365

The Microsoft Information Protection (MIP) integration allows customers to sync their sensitivity labels to Reveal DLP policies, so the agents can protect files inside and outside the Microsoft environment.

Microsoft Outlook

The Microsoft Outlook integration allows customers to monitor inbound and outbound email activity on the endpoint. Agents can then alert customers to risk indicators and non-compliance, and provide in-situ awareness and training to employees as necessary.

LDAP + Active Directory

Generate and automatically assign labels to users based on attributes in your LDAP directory. With Reveal’s directory labels, configuration and peer analysts of reports is easier. For example, you can create policies for specific departments, filter policy violation reports by department, and enrich user profiles.

IBM Qradar

Reveal integrates with IBM’s Qradar to enable security teams to remediate insider risk, whether malicious, negligent, or accidental

Splunk

Reveal integrates with Splunk’s analytics-driven SIEM to enhance the team's ability to detect and respond to endpoint incidents stemming from insiders.

Slack

The Slack integration allows line managers, legal, and HR to stay on top of relevant insider incidents when they need to.

Certifications and awards

U.S. Cyber Command winner

Reveal took first place in the insider threat simulation facing seven industry-leading DLP, EDR, UBA, and SIEM vendors. Winner of seven out of ten categories, including best overall performance.

Blog post
JITC certified

Reveal successfully completed certification testing with the Defense Information Systems Agency’s (DISA) Joint Interoperability Test Command (JITC).

Blog post
NITTF compliant

Reveal is compliant with the CNSSD 504 and meets the key User Activity Monitoring (UAM) requirements defined by the NITTF.

Blog post
Cyber Security Awards winner

Ava won Cyber Security Startup of the Year, exhibiting excellence, strong leadership, evidence of achievement, and innovation to receive this award.

Awards page
TAG Cyber Annual vendor

Distinguished vendor with solution to the challenge of supporting the SOC Analysts.

Download report

Are you an MSSP?

The Reveal MSSP Console helps managed security service providers (MSSPs) mitigate insider risks across multiple organizations. With the MSSP Console, you can easily scale your business by managing multiple SaaS deployments from POC to production through a single pane of glass.

Check out MSSP Console for Ava Partners

Prevent data loss while mitigating insider risk

Insiders account for the costliest data breaches