Raytheon's SureView Insider Threat and Privileged User Abuse Detection Software

April 28, 2014
New release features Privileged User Monitoring and Auditing Policy Pack

DULLES, Va., (April 25, 2014) — Raytheon Company today announced the latest developments found in their new SureView release, which include new policy support features that enhance product capability for continuous monitoring and network auditing against insider threat and privileged user abuse.

With this release, commercial and federal organizations now have access to a Privileged User Monitoring and Auditing (PUMA) Policy Pack specifically designed to enable SureView to detect malicious acts and policy violations by privileged users that often go undetected. Additionally, this latest release includes SureView Spotlight, a software development kit that allows integration with best-of-breed analytic solutions.

“For more than a decade, customers have relied on SureView to detect and stop malicious activity inside their networks. SureView is a proven solution specifically built to address human behavior and provide the insight necessary to recognize both malicious and non-malicious insider threats,” said Ed Hammersla, managing director of Raytheon Cyber Products at Raytheon Intelligence, Information and Services. “The latest enhancements to SureView are the result of customer inputs and lessons learned from long-term deployment. In fact, the PUMA Policy Pack was developed to meet requirements specifically articulated by our customers to mitigate the privileged user threat.”

Additional New features of SureView include:

  • Host-based Network Traffic Monitoring and Collection: Because many network incidents can be attributable to simple negligence, SureView’s new network collector monitors and captures the actual network traffic. If connections or ports are found open, leaving them vulnerable to attack, an alert is sent that includes the user who left the connections open. 
  • Simplified Policy Creation: Now policies can be created with a simple right click and by leveraging Window’s event logs.
  • New Collection Capability: Monitors and collects data published to Windows event log providing easy integration with other technologies such as third party Security Information and Event Management (SIEM) systems.
  • Enterprise Application Suite Enhancements: This release supports large scale deployments with enhanced user, agent and group management. It also provides the ability to generate contextual reports with a simple “right click” and export data to a file that is printer friendly.