High Privilege Account Monitoring and User Risk Profiling
High privilege accounts (HPA) are a primary platform for insider threat attacks. Securonix automatically identifies HPAs, such as users with financial account transaction rights, then monitors them for abnormal behavior associated with an attack. It can link high-risk behavior back to a real user and their risk profile in order to give a potential threat full context.
Securonix continuously builds a comprehensive risk profile of users based on their identity, employment, security violations, IT activity and access, financial and expense transaction history, physical access, and even phone records.
All identity, activity, and access characteristics are compared to that user’s baseline, their peers, and known threat indicators to identify true areas of risk.
Insider fraud is typically conducted over a long period of time or through complex activity designed to get around known detection methods. Securonix addresses this with advanced signature-less outlier analysis techniques that are highly effective at identifying complex fraud attacks.