Introduction
Kabeen enables the analysis of user behavior and usage within a company’s IT environment through the use of a user agent, which consists of a combination of a native agent and browser extensions.
These agents collect web browsing data to generate usage statistics, user satisfaction, performance, and availability metrics for each application within the information system.
User agent security
Kabeen’s user agent is composed of two main components:
A native agent that collects a workstation inventory and measures the usage of native applications when they are in the foreground. This agent is also responsible for transmitting certain authentication and configuration information to the browser extensions.
A browser extension that is technically embedded within each compatible browser (Firefox, Chrome, and Edge) to measure web browsing usage.
The data collected by the agent is sent to Kabeen’s API over an HTTPS channel (api.kabeen.io). The data source is verified through an authentication token entered during the agent configuration (API Token).
Collected Data
The usage data collected by Kabeen at each URL change in the browser includes the following:
User Agent
Usage Collection
Data | Description |
User Data | User’s first and last name (Windows display name) and SID to uniquely identify users. This information is only collected if the user tracking feature is enabled. |
Web Navigation | When browsing the web on compatible browsers, the agent collects URLs, page titles, performance statistics, and any errors encountered. |
Native Navigation | When using native applications on the workstation, the agent collects the application name and session duration. |
Workstation Inventory
Data | Description |
Hardware Information | Manufacturer, model, architecture, processors, memory, batteries, screens. |
System Information | Hostname, OS, version |
Network Information | Network interfaces and IP addresses. |
Metrics | CPU and memory load, storage consumption. |
Data Storage
This data is transmitted over HTTPS from each deployed agent to our entry point (api.kabeen.io) on our infrastructure hosted on Google Cloud Platform (region europe-west9).
The full data path is as follows:
Data is collected and sent in batches (1-minute batch) from the agent to the URL https://api.kabeen.io.
The data passes through Google Cloud CDN to reach the entry point of our infrastructure (via a Load Balancer), which distributes it to our backend running on the Google Cloud Run service.
Once authenticated and verified, the usage data is stored on a dedicated Elastic Cloud platform where regular statistical tasks and purging are performed.
Information Processing
These various collected elements allow for statistical analysis to understand the usage and performance of applications within the information system. The data is retained for long-term analysis and is deleted when the tenant is destroyed.
Browser Extension and Manifest v3 Standard
Our browser extension complies with the Manifest v3 standard for extensions, limiting the collection of information to what is explicitly stated in the manifest, requiring user consent during initial installation or any changes in permissions.
Monitoring Professional Applications
The Kabeen user agent checks each visited URL against our application catalog to feed into a self-discovery process of used applications, including potentially Shadow IT. This catalog contains only professional applications, so personal application usage will not be captured by our self-discovery mechanism.