Product / Solution

  • Home>
  • Product / Solution
  • All

  • Hard

  • SaaS

  • Soft

  • Virtual

Veriato Recon is User Behavior Analysis Software that provides early warning of suspicious behavior by passively monitoring user behavior and alerting when actions contradict policies or vary from well-defined patterns.

Veriato Recon's User Behavior Analytics detects insider risks and insider threats early and reliably. By learning your users' normal behavior, Veriato Recon is able to detect behavior pattern shifts directly related to threats and alert you before the problem fully manifests. User Behavior Analysis ("UBA") provides a critically needed and different perspective because it is laser focused on actions of the insiders themselves. Veriato Recon's approach to UBA combines an intuitive user interface with powerful analytic capabilities. This powerful combination improves insider threat program effectiveness, augments your other security investments (like SIEM), and lowers your risk to insider attacks.

For companies who have sensitive intellectual property, which if stolen or exposed by insiders poses risk to the company, and want to protect critical information without restricting access or locking systems down so tightly that productivity is hindered, Veriato Recon is User Behavior Analysis Software that provides early warning of suspicious behavior by passively monitoring user behavior and alerting when actions contradict policies or vary from well-defined patterns. Rather than focusing on protecting assets, Veriato Recon monitors user behavior for indicators of risk, recording and alerting when insider risk is elevated, enabling rapid interdiction, reducing false positives, and insuring actionable reporting.


Veriato Recon’s behavioral analytics capability provides critical insight into shifts in established patterns that are directly related to insider threat behavior. Early detection is key to mitigating risk, harm and the threats insiders pose. By focusing directly on the behavior of insiders, Veriato Recon can isolate anomalies and alert on them immediately.

No more piecing together information from disparate sources in an effort to reconstruct what happened. Save time and money with a system of record that doesn’t require specialized expertise to decipher. Veriato Recon supports best practice of reviewing departing employee online activity during the 30-day period prior to resignation or termination.

Best practice dictates aggregating user activity data with other sources of intelligence to minimize the risk of an insider threat. Integrations with leading SIEM providers, along with the ability to export data via syslog, provide a powerful stream of user activity intelligence to the solutions you’ve already invested in – making them even more effective. .

Veriato Recon stores underlying user activity data on local machines, and transmits only alerts and transactional information across the network. It does not require dedicated hardware, and once deployed requires very little IT interaction. Unlike many User Behavior Analytics solutions, it is designed to be easily tuned to your environment


Recon is always on, monitoring the behavior patterns of users and scanning for signs of an insider threat. The software learns what normal looks like, and adapts to changes in routine seamlessly. The agent runs silently, in the background, and Veriato Recon does not interfere with business processes or productivity.

Veriato Recon applies algorithms and statistical analysis to detect anomalies in user behavior that indicate elevated insider risk or insider threat. Once detected, alerts are sent via email and, at your discretion, to your SIEM solution. Veriato Recon also includes keywords and phrases that are proven indicators of insider threat activity.

Employee activity logs are created and stored on the local machine where the activity is occurring for up to 30 days. To ensure the logs are safe and available, these employee activity logs are encrypted and obfuscated. The employee activity logs provide a comprehensive record of everything that
an employee did before, during, and after an alert.

Built on the proven foundation of Veriato 360, Veriato Recon is deployed and managed from the same console. Organizations that wish to employ a mix of User Behavior Analytics and User Activity Monitoring will find it exceptionally easy to implement and manage, enabling proper coverage of higher and lower risk insiders.



Recorder (for computers & laptops being monitored)

  • Windows 10, Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows Server 2012, Windows
  • Server 2008, Windows XP, Windows Server 2003* (*Some of the newer features, such as the Restart Message on installation, are not supported on older clients with Windows XP and Server 2003 operating systems)
  • Mac OS® X 10.9 or higher running on a 64-bit Intel processor
  • Network Access (Networked on a Windows Domain, Workgroup, or Novell® Network)
  • Administrator share level access to computer for remote installation Control Center


  • Windows operating system, x32 or x64:
  • Windows Server 2012
  • Windows Server 2008
  • Windows Server 2003
  • Windows 10
  • Windows 8.1
  • Windows 8
  • Windows 7

  • Processor -  Intel-compatible, 1 GHz or faster.
  • RAM - Minimum 4 GB.
  • Configuration - Uses Native English language (to run SQL Server)
    Uses the NTFS (not FAT32) file system
    Static IP address is recommended.
Go to regional site
OK (Redirect in 3 sec)

headtechnology UA

Levanevskogo Str., 6, office 79

03058 Kiev, Ukraine

tel.: +38 044 353 30 20

fax: +38 044 457 85 41


  • All

  • Hard

  • SaaS

  • Soft

  • Virtual