Securonix was implemented to analyze events generated by the customer’s DLP solution and enrich each event with identity and activity context. Securonix analyzes user activity by comparing each event with the user's previous behavior and with colleague activity through its automated peer group analysis functionality. The solution then evaluates and risk-ranks each event by adding context from HRMS, firewall and proxy data. This makes the security team aware of disgruntled employees (bad review, notice of termination in HRMS) and lets it flag employees as a possible flight risk based on other activities, such as browsing job sites. The result is a comprehensive picture that allows the security team to focus on the events that really need to be investigated.
By using Securonix to monitor the usage of its most sensitive information, the customer is able to significantly reduce the risk of data theft. The customer is no longer drowning in thousands of DLP alerts that, more often than not, turn out to be false positives, and is able to focus its efforts on the events that really matter.
Securonix is empowering the customer to rapidly detect and mitigate any misuse of data by providing immediate alerts on high-risk events and the facilities to take action on them, in order to prevent the exfiltration of sensitive information from the organization. By being able to rapidly detect exfiltration attempts, the company is able to very significantly reduce the loss from exfiltration events.
By enriching the events coming in from DLP with identity and activity context, the client is able to reduce the total number of alerts that it needs to investigate by up to 90%, and is reporting an overall reduction of false positive alerts of 99%. This is creating tangible savings for the client in the time and resources that previously went into sifting through thousands of false alerts.