Securonix continuously builds a comprehensive risk profile of a user based on identity/employment, security violations, IT activity and access, physical access, and even phone records. All identity, activity, and access characteristics are compared to their baseline, their peers, and known threat indicators to identify true areas of risk. All results are scored and presented in interactive scorecards.
HPAs are a primary source of insider misuse and a platform for their attacks. Securonix automatically identifies HPAs such as administrator, service, and shared accounts then monitors them for abnormal behavior associated with an attack while linking the high-risk behavior back to a real user and their risk profile to give the potential threat full context.
Insiders attack sensitive data, transactions, or the systems that host them. Securonix addresses this threat by monitoring critical applications and systems at the transaction, data set, and sensitive user record level. Similar to a user, Securonix continuously builds a risk profile for all applications and systems identifying all high-risk users, access, and activity associated with their sensitive data and transactions. All results are scored and presented in application risk scorecards.
Insider fraud is typically conducted over a long period of time or through complex activity designed to get around the known threat or “signature-based” detection methods. Securonix addresses this blind spot with advanced “signature-less” behavior and peer based outlier analysis techniques that are highly effective at identifying “slow and low” and complex fraud attacks.