Platform and Features | UBA Cybersecurity | ZoneFox

Platform and features

ZoneFox is a market leader in User Behavior Analytics, providing the 360 visibility around your data that you need to protect sensitive information against the insider threat.

  Powerful, Proven Insider Threat Detection

ZoneFox delivers the rapid insights that are critical for helping you to create a strong security posture … and all from a single dashboard. See where your business-critical data is going, who’s accessing it, and who’s doing things with it that they shouldn’t be, either accidentally or maliciously – quickly, easily and without impacting on endpoints or user privacy.

Download the ZoneFox 2017 Datasheet

Flexible Deployment

Our cloud, your cloud or on-prem, ZoneFox is up and running rapidly, providing superior, automated threat  protection of business-critical and sensitive data – however your business needs it. Whether you’re an MSSP, or a growing business that needs to streamline operations, our cloud is the faster, easier, more secure option for even more reliable security:

  • Robust, secure architecture tested by an independent third party
  • Network architecture which fully isolates users from each other
  • Encryption of data both in transit (TLS) and at rest (AES-256)
  • Automated, encrypted backups

Discover more about hosted ZoneFox

Smart User Behaviour Analytics

ZoneFox is your most diligent security analyst, providing the robust insights your team needs to be able to fine-tune your security organization-wide. Automatically detect when a user’s behavior changes, identify users who are potentially planning to leave and rapidly detect compromised user accounts being used to harvest your valuable intellectual property and confidential data and – all without compromising on user productivity and system flexibility.

Discover more about ZoneFox AI  

Clever Network Monitoring

Can your current Insider Threat tool tell you where your business-critical data is going … outside your network? ZoneFox can, tracking file uploads and downloads from a user’s endpoint to any network location, including other computers on the local network, computers across the internet and websites or services such as Google Drive.

Get complete visibility around

  • Total amount of data uploaded or downloaded between two dates
  • The countries from which your data flows in from and out to
  • The countries and hosts (computers or websites) that users upload data to
  • The countries and hosts (computers or websites) that users download data from
  • Users who upload and download the most
  • Specific network events, down to the level of single file uploaded or file downloaded events

Instant Alerting

With ZoneFox as part of your cybersecurity toolset, your organisation will be alerted to information mishandling in real time, enabling you to take immediate action and limit the amount of critical time that your data is vulnerable and giving your partners, customers and employees the invaluable peace of mind that their critical data is secure on your system. ZoneFox alerts can be set up around your needs and delivered via SMS, email, or direct via the interface – however you need them.

Discover how ZoneFox works to secure your business

Automated Monitoring

On PC, Mac and Linux, ZoneFox continuously analyzes and records endpoint activities in real-time, capturing and storing only the key data required to  provide your team with the robust insights needed around risky behavior & anomalous activities – so  you can prioritise what’s important and relevant. The result is crystal clear visibility on data movement that provides the trustworthy foundations for appropriate incident response – all without impacting on end users, system performance & already-stretched resources.

Gain more insight around how ZoneFox works

Compliance Reporting

Compliance Reporting is our much anticipated feature, built to support businesses in meeting the various often complex regulations that compliance entails. For GDPR, Compliance Reporting supports core areas which include the Transfer of Data, as well as the ability to quickly investigate a breach and provide scope details to the regulatory authority within the 72 hour timeframe (even less for Financial Services). It’s super-easy to use too, with an intuitive dashboard, straightforward visuals and uncomplicated reporting capabilities:

  • Tools to help you create policies by regulatory framework, severity, time to reporting and reporting authority
  • Real time alerting of regulation-specific incidents. The ability to forensically investigate the breach so you can identify whether it poses a substantial risk
  • Tools to help you manage investigations and reporting functionality to support regulatory and management information reporting requirements
  • A breach response countdown clock, to ensure you report any breach to the Supervisory Authority within regulatory timeframes

Learn more about Compliance Reporting

Detailed forensics

The ZoneFox agent starts recording all activities the instant you install it, streaming data to the server, compiling a full forensic history of all user behavior on every ZoneFoxed machine and providing the ability to undertake a thorough investigation around activities in a matter of hours, instead of weeks or even months. With ZoneFox’s full forensic record, you can quickly identify and answer key questions around an incident: Who was the perpetrator? What did they take? Where did the data go? When did this happen – and why? This not only enables you to provide the answers that your clients and partners will most likely want and need in a worst case scenario, it empowers you to fine tune your security policies to your organisation’s concerns and existing behaviors.

Find out more about the importance of visibility around data flow

Partner with ZoneFox

Easy Rules Management

ZoneFox provides you with the ability to run flexible, customizable rules that you can implement at the click of a button. And to save time, there’s a robust list of 15 pre-defined rules in the system so you can be up and running quickly, protecting your data straight away while you consider what needs to happen around your organization’s specific needs. This is quick and easy centralized rule-management set-up – no messing, no faffing around.

Simple Control of Data Leakage

If data is leaking from your organization – or it has the potential to – ZoneFox will be the first to know, and you’ll be the next. ZoneFox delivers complete visibility around data leak from your organisation – how data is used and by whom, how it’s been leaked, and which user accounts have potentially been compromised and used to exfiltrate your business-critical data to places you really don’t want it to be. Then take action before there’s a real problem – quickly, easily and without the headaches.

Discover top 5 reasons you need visibility around data flow

Shadow IT

Shadow IT can be great for innovation, creativity and progress within an organization, but they can also pose substantial risk if they’re unauthorized and not under a company’s control. ZoneFox not only tells you about new (potentially unapproved) software within your organisation but it can also tell you how widespread it is, who’s using it and what data has been shared and with whom.

Shadow IT can be a good thing – if managed properly

Visibility around Permissions

71% of employees say that they have access to data they aren’t supposed to see. With time, permissions get blurred as employees shift roles or leave your organization. ZoneFox will show you what’s really happening on your server, not what you think is happening. This crucial visibility on actual activity allows you to fine-tune around areas such global access, excessive permissions and  privilege escalations – all allowing you to protect your valuable data even more robustly.

How protected is your Intellectual property?


Cloud brings it’s own unique challenges when it comes to data protection. ZoneFox can help mitigate that risk around your organization’s cloud usage by allowing you to monitor exactly what data is coming in to, or going out of, the cloud – meaning you can utilize the cloud with confidence and ensure that only permitted users are sharing permitted data and that your precious IP stays where it should – in your hands.

Discover more about ZoneFox and the Cloud

Ready to see for yourself?

Consider a superquick 20 minute online demo and see first-hand how ZoneFox can help protect sensitive data.