Preempt Security Inc., a breach prevention provider backed by notable investors such as General Catalyst Partners, sees room for improvement in how companies handle the potential risks posed by internal users.

The startup is seeking to reduce the threat with a new “adaptive” network protection product that it unveiled this morning. The Preempt Platform, as the offering is called, draws upon the data that workers generate as they interact with company systems to find security problems. It collects everything from log-in records to metadata such as what access permissions are assigned to a user.

Preempt puts the pieces together to create a picture of how a given employee uses their organization’s infrastructure on a day-to-day basis. The startup says that this high-level view makes it easier to spot weak passwords and other vulnerabilities, as well as catch suspicious user behavior.

Threats are ranked based on their severity to help companies prioritize incident response efforts. According to Preempt, scores are determined not only according to the usual security parameters but also the business context. Anomalous activity on, say, an executive’s laptop would show up higher in the platform’s management console than a similar alert for a contractor with limited system access.

Companies can use a policy engine built into the platform to handle many such threats automatically. According to Preempt, the software provides the ability to place restrictions on users doing something they’re not supposed to in a way that minimizes the business impact.

If a worker’s device is suspected to be hacked, for example, they might be asked to answer an extra set of security questions when logging into an important system. Preempt can then take further action should their behavior confirm the existence of a threat, including suspending access permissions. 

This capability builds on the firewall that the startup originally introduced last year. The core value proposition is the same: automatically enforcing security policies saves work for network protection teams and facilitates faster response to threats.

Image: Unsplash