Learn More on Smart Investigator's Points of Value

Compromised Users Detection

During an attack campaign, after infiltrating within a company’s systems, an advanced cyber-criminal will usually hijack the identity of legitimate users for recognition or exfiltration.


Smart Investigator pinpoints all suspicious users accounts, based on its sophisticated Anomaly Analyzer self-learning mechanism, without the use of predefined rules or heuristics.

Malicious Insider Identification

Edward Snowden is the most famous example of a legitimate contractor who accessed, collected and made use of highly sensitive data from the NSA, the company he was serving. This proves that no organization is immune to inside threats of this kind.


Smart Investigator is able to identify users and contractors that have a high risk activity or access sensitive data, by investigating their behavior history log by log, second after second.

Sensitive Data Access Investigation

The access of enterprise users to databases, file share systems and applications may have hidden, high-risk patterns. While some actions may be considered more suspicious than others, access becomes more risky when it’s in the hands of certain high-risk users.


Smart Investigator uses its dedicated set of innovative modules to analyze users’ access to databases, file share systems and applications, and to automatically pinpoint suspicious access activities.

Security Events Verification

Information Security needs second prioritization of events for monitoring, by enriching SIEM/FW/IDS/DLP systems with big data machine learning-based analytics on users.


SIEM systems manage rule-based events that are correlated and prioritized in real-time. Smart Investigator ensures a better prioritization of events, based on non-rule-based big data and historical data analysis.

Malicious Intruders Identification

There is a person within the company’s structure who was monitored, investigated and recognized for security information leak / stealing. The company’s security team would like to be alerted as soon as he sets foot in the building.


The native integration with physical security module NEC NeoFace® allows Smart Investigator to alert security admins immediately when a black-listed / white-listed person passes in front of a registered camera within the CCTV network. The application automatically sends an email/message alert in real time.

Contact our cybersecurity experts to find out more details now