What tools do you use for insider threat detection?

Founder & CISO in Education, 3 years ago

A mix of Endpoint Detection, logging and monitoring from the IAM and PAM, SIEM, and DLP.

VP of Information Security in Finance (non-banking), 3 years ago

There are a number of tools that we use to detect insider threats, including but not limited to Splunk, SIEM, and DLP tools.

Director in Construction, 3 years ago

We focus on the tools with our Microsoft license.

Director, Security Operations in Telecommunication, 3 years ago

We're using several different tools that provide for monitoring of these types of activities. These include services available from Microsoft as a part of their Azure/O365 offering, as well as Privileged Access Management tools and 24x7 real-time log monitoring.

CIO/CISO in Healthcare and Biotech, 3 years ago

We use SIEM as our system of record for collecting/correlating insider threat information, along with data exfiltration protection (DLP/CASB). 
