“We had a key executive leave our organization and needed to know if other executives on the team would follow him out the door. SS8 gave us the answer.”
INSIDER THREAT DETECTION KEY COMPONENTS
Key Components
The SS8 Insider Threat Detection (ITD) solution provides the proactive alerting and investigation workflow needed to precisely identify suspected insiders and track their pattern of life within the network.
Sensor + PXE
Deployed on the internal network to records East/West traffic
Enrichment
User ID collected and correlated via directory store (Active Directory, DHCP)
Analytics
SS8 DRAP engine stores and scores user/device activity over time
ITD Discovery
SS8 ITD discovery interface alerts on flagged users, and enables querying of file transfer activity
Intellego
SS8 Intellego can examine full packet and perform reconstruction
USE CASES
Insider Threat Detection
BLIND SPOT
Where you did not have visibility before, visualize sensitive and/or classified information flowing internally.
STATE SECRETS
For national governments or intelligence organizations, prevent highly sensitive intelligence information from compromising national security.
EMPLOYEE FLIGHT RISKS
Head-off your best employees leaving the building with your intellectual property.
ADDITIONAL FEATURES AND BENEFITS
Enrich Activities
SS8 can enrich a recorded history of network behaviors with user, device, and location information, helping you answer more specifics about an insider threat.
Apply Analytics
SS8 applies recursive analytics to a suspected insider’s pattern of life on the network, enabling you to spot behaviors that would indicate malicious intent.
Stop Malicious Intent
Protect your IP by detecting large file transfers, repeated small file transfers, and device connections with unauthorized servers or personal cloud-storage.
