Helge Klein, Managing Director
The current cybersecurity landscape is witnessing a growing demand for advanced tools and solutions to cope with new-age vulnerabilities. While traditional security tools such as antivirus and firewall remain essential, they are not adequate to defend against advanced threats and malware. With an increase in sophisticated cyber-attacks, especially those targeted at endpoints, organisations have been compelled to re-evaluate their endpoint security practices since many firms still lack a crucial aspect of securing themselves: visibility into endpoints. Revolutionising endpoint monitoring by providing a deeper level of detection that leverages advanced analytics to assess every device on the endpoint is vast limits.
vast limits brings to play uberAgent, a robust security analytics and user experience monitoring solution that helps strengthen the security efforts of an organisation. Extending beyond threat detection and response, vast limits provides the much-needed endpoint visibility to eliminate detection gaps and mitigate risks at an early stage. The company’s best-in-class product offers security, performance analytics and monitoring and accommodates specific security detections and visibility with a single lightweight agent. “We provide what organisations are looking for at the endpoint—visibility. We offer complete insights into the regular operations as well as unusual behaviour at endpoints,” says Helge Klein, managing director of vast limits.
The company’s genesis goes back to 2011 when Klein found an opportunity in endpoint monitoring, a market that barely existed then. Working in the IT infrastructure domain, Klein, over the course of time, identified the challenges in the extremely complex IT environment that required the expertise of an external consultant to set up security for endpoint solutions. Leveraging over a decade of experience in enterprise IT, he laid the foundation for vast limits.
Changing Endpoint Security Dynamics with uberAgent
Essentially, uberAgent encompasses two major products (uberAgent UXM and uberAgent ESA) integrated into a single solution that can easily be installed at endpoints. Acting as two sides of the same coin, uberAgent UXM provides rich context and metadata on user behaviour, while uberAgent ESA adds deep security visibility.
To provide best-in-class customised products and support for its clients, vast limits strives to be a partnerfocused organisation, primarily allying with Splunk partners.
The company’s uberAgent ESA comes with featurerich Splunk apps and offers integration with Splunk Enterprise Security.
While uberAgent ESA is optimised for Splunk, it can also be integrated into almost any SIEM infrastructure to directly send the collected data to Elasticsearch, Apache Kafka, and Azure Monitor.
While other products in the market focus on performance metrics, uberAgent UXM has its own key aspects that cover user experience and application performance to make it easy for clients to track their endpoints. uberAgent not only collects data but also provides valuable insights unique to each use case and collects detailed inventory information, shows which applications are used when and how often, determines application reliability KPIs, finds issues with network connectivity, and much more. uberAgent also provides immense context for various activities, such as all the applications running on each monitored endpoint, including information on users and the network connections to and from those endpoints. uberAgent offers detailed information about each individual browser tab, such as time spent on a particular website, which is unique in the market. For the detection of threats, uberAgent ESA’s Activity Monitoring engine is built around uAQL, a powerful event query language that generates an event in the client’s SIEM whenever an Activity Monitoring rule matches suspicious or unusual behaviour.
uberAgent UXM and ESA come fully configured out of the box, which provides an easy start and immediate, valuable, and insightful data
Obtaining such vast amounts of data is only helpful if it can be turned into meaningful insights. To this end, uberAgent converts and categorises the sea of data into a graphical format, which can be monitored and assessed in customisable dashboards. Based on this data, enterprises can optimize and secure their endpoints in a way that employees can work without interruptions. It gives clients explicit visibility into everything happening at all endpoints irrespective of Windows, Mac, VMware, or remote desktops. The endpoint agent is highly configurable, optimised for minimal footprint, and can be seamlessly scaled to use across numerous endpoints without affecting user density. By using Splunk at the back end, uberAgent offers unlimited scalability and flexibility to easily create custom dashboards and visualisations.
Untangling Complex IT Environments
vast limits’ target customers include medium-sized to very large organisations that have complex IT environments. Unlike other security vendors that have lengthy implementation procedures even for a simple task such as a proof of concept (POC), vast limits makes it extremely easy for clients to get going in a quick manner.
Since the tool connects directly to a customer’s SIEM, it does not require databases or other types of server infrastructure. This can help clients carry out tasks like PoCs in an hour. uberAgent UXM and ESA come fully configured out of the box, which provides an easy start and immediate, valuable, and insightful data.
uberAgent has scripted numerous success stories, all thanks to vast limits’ team of experienced IT professionals with rich domain expertise in the fields of virtualisation, end-user computing, and cybersecurity. “We are deeply rooted in the IT community and take inspiration from new trends and customer requirements that can be added to our products to enhance its features, providing a polished solution right out of the box,” explains Klein.
“We provide what organizations are looking for at the endpoint visibility”
Illustrating an example, Klein recalls an insurance company that approached vast limits to provide a bird’s eye view of their IT space right from observing healthy or normal circumstances to unusual situations. vast limits designed a monitoring system with an easy-to-use dashboard that offered broad insights into the client’s IT and layer-by-layer visibility. In case of unusual circumstances or security breaches, the dashboard would show the issues in a manner that drills down to the core problematic area.
Stalwarts of Enterprise IT
Today, the company has carved a niche in the endpoint monitoring sector with successful results—its largest customer has already deployed uberAgent in more than 200,000 endpoints! vast limits adopts the traditional German engineering approach for efficiency to cater to clients across various industry verticals. “While we try to bring together data, our aim is not to drown the customer in data but pick out meaningful insights from that data that can be valuable to IT professionals at our customer organisations.”
En route to transfiguring enterprise security, vast limits is ready to unveil new products. The company is working on broadening its Mac support for security analytics. vast limits is also soon complementing its existing detection engine with a sophisticated graphical rules editor, as well as improving its malware detection tools and techniques. Klein draws attention to how organisations need to be able to determine their security stance for potential threats and identify detection gaps. “We are designing a security inventory that includes a security score for clients to understand their preparedness and identify threat areas to improve their enterprise security,” concludes Klein. By constantly giving insights into relevant and high quality data, uberAgent empowers IT professionals to not only enhance user experience but also security.