Session Auditor

Session Auditor is a network-based human behavior auditing system. Unlike traditional log management systems which record discrete events happening in disparate computer systems and components, Session Auditor records and stores the entire session of human-system-application interaction. Recorded sessions can subsequently be retrieved and played back as required. Activities recorded include screen updates, mouse clicks and keyboard input. The entire session is visually recorded similar to observing the user “over the shoulder”. Session Auditor enhances and simplify audit systems by adopting a transparent network based approach. No complex and costly software (e.g. database, application server, server side agents, etc) is required.

Generally speaking, “audit system” for information systems are separated into two distinct kinds, namely “management” layer auditing and “technical” layer auditing. The former is mapped to auditing tools based on best practices and standards, such as ISO27001 (BS7799) and COBIT. But for the latter, there are numerous tools and approaches available for IT managers to choose from. These tools are typically implemented using log collection and analysis tools in the IDC’s security product category of SIEM (Security Information and Event Management). These logs are designed to record only the event results, without the details of the activities and operations. In other words, if security managers and auditors want to do in depth investigation and forensics, these logs have its limitation.

products

SAS1000 - Powerful Sensor and Datacenter for network behavior analysis and audit.	SAL-200 - Lite version of Session Auditor, cost effective, perfect for SME and branch office!