AD InSight

The InSight Platform™ is a Continuous, Automated Incident Resolution (CAIR™) platform, delivering the workflows and capabilities necessary to detect, analyze, and resolve any data event—from security breaches to e-discovery and other Governance, Risk and Compliance (GRC) issues. It is the industry’s only combined platform and works seamlessly across business units. InSight Platform integrates network, endpoint and malware analysis, end-to-end e-discovery and remediation technologies into a single, scalable solution. This makes it possible for all security, legal and compliance teams to do their jobs using one platform, automating tasks and collaborating in real time to address virtually any security incident or legal matter.


  • Software Point Products
  • Hardware Redundancy
  • Agent Fatigue
  • Database Redundancy


  • On License Fees
  • Software Maintenance Costs
  • Training Expenses
  • Services Charges


  • Security
  • Compliance
  • Response Times
  • Human Resources
Integrating my SIEM with AccessData’s InSight Platform has reduced our response times from 12 hours to 2.5 hours. That’s an 80% reduction in response time.
Golan Ben-Oni, CSO and SVP, Network Architecture
IDT Corporation

The Cyber Intelligence and Response Technology in the InSight Platform integrates network, endpoint and malware analysis, large-scale data auditing  and remediation capabilities for a solution that doesn’t just deliver rapid detection and response; it delivers Continuous Automated Incident Resolution.

Endpoint Threat Detection
  • Signature-less malware detection, triage and analysis. No sandbox required.
  • Data leakage detection and remediation.
  • Advanced volatile/memory analysis.
  • Forensic Toolkit® (FTK®) technology.
  • Visibility into Windows®, Apple®, Linux®, Solaris and AIX® hosts.
  • Mobile device analysis and acquisition.
  • Bi-directional removable media monitoring.

Network Threat Detection

  • Full packet capture.
  • The only technology that also provides host-based packet capture.
  • Play back incidents from thousands of communications.
  • Capture and analyze Web, chat and social media.
  • Play back VoIP calls in seconds.
  • Decrypts SSL and SSH.
  • Monitors 2500 protocols and all 7 layers of the OSI stack.

Bi-directional SIEM Integration

  • Automated response and remediation capabilities.
  • Launch operations from either SIEM or InSight Platform.
  • View analysis in either interface.
  • Easy configuration.

Integrate Threat Intelligence with Incident Resolution

  • Source-agnostic threat intelligence and IOC ingestion.
  • Monitor both network and endpoints against multiple threat intel / IOC sources.
  • Automatic response and remediation of detected exploits.

Detect Advanced and Unknown Threats

  • Signature-less malware detection.
  • Detect anomalous behavior on network and endpoints indicative of hacking and APTs.
  • Customizable Known File Filter removes noise when hunting for threats.
  • Built-in batch remediation.

Real-time Collaboration

  • A virtual war room for all teams.
  • Work synchronously to detect, analyze and remediate compromises.
  • Easy reporting up and down the chain of command.

The Insight Platform™ integrates key capabilities for handling the spectrum of information security and legal business problems. It is the first combined platform and works seamlessly across multiple departments. The integration of AD eDiscovery and Summation technologies give organizations the industry’s leading end-to-end e-discovery capabilities.

Litigation Hold

  • Easy-to-use and wizard-driven.
  • Hold notifications can include documentation, interview questions, notification to other required entities.
  • Real-time hold status.
  • Comprehensive reporting.


  • Collect from workstations, mobile devices, laptops, network shares, email servers, databases and 30+ structured data repositories.
  • Collect all custodian data (even when custodian is off-network) or perform a targeted collection.
  • Perform incremental collections on data that has changed since a previous collection or pick up where an interrupted collection left off.
  • Reuse & associate collections with multiple cases.
  • The only solution that enables discovery and preservation of ESI on mobile devices.


  • Process 700+ data types as you collect, while maintaining chain of custody.
  • Distributed processing for increased efficiency and greatly reduced processing time.
  • Automatically identifies and categorizes data, even encrypted files.
  • De-duplicate email and ESI across the matter or for a specific custodian, de-NiST and OCR.

Early Case Assessment

  • Cull data by custodian, data source, document metadata and type.
  • Email threading and analytics.
  • Advanced search with hundreds of unique data filters.
  • Custom tagging and bookmarking.
  • Export to all industry standard load files and EDRM XML.

Final Review and Production

  • Includes all Summation capabilities.
  • Scanned document, electronic document, email and transcript review.
  • Production tools including bates stamping, burned-in redactions and production history.
  • Advanced search, with keyword, concept and '4-D'.
  • Integrated Technology Assisted Review (“TAR” or “Predictive Coding”).
  • Integrated visualization module with graphic representation of case data.
  • Redact in near-native view with word boundary support.
  • Native Concordance database migration for direct loading into Summation.
  • Imports Concordance & Relativity load files.
  • Exports Concordance, Relativity, Ringtail, iConect, Introspect & EDRM XML load files.
Response Time

AccessData announces the release of InSight Platform, a comprehensive integration of AccessData’s cyber security, e-discovery and enterprise investigations technologies. InSight Platform is the first Continuous, Automated Incident Resolution (CAIR) Platform and works seamlessly across all departments to deliver automated detection, analysis, response and resolution. Security, Compliance and Legal teams can all rely on InSight Platform to address any cyber threat, mobile and BYOD risk, GRC (Governance Risk & Compliance) issues and eDiscovery. Over 130,000 users in corporations, law enforcement, government agencies, and law firms around the world rely on AccessData.


from the blog