How does SenseOn work?
SenseOn obtains its patented visibility (natively linking user > process > network at source) with an extremely lightweight agent that installs onto Windows, Linux or Mac (client, or server physical, virtual or cloud); the agent consumes less than 1% of 1 CPU core, occupies less than 200MB of memory and installs silently without the need to reboot.
The platform works out of the box, with no lengthy implementation or complicated log ingest required.
The unified endpoint and network telemetry collected by this agent is reported over the internet to a single-tenanted SenseOn SaaS analytic appliance deployed in the customer-local region of choice.
This appliance uses a variety of detection methods to generate observations for any suspicious activity, which are combined with alerts ingested from the major Cloud platforms and contextually linked into context-rich cases with high priority cases pushed to security analysts for investigation.