Securonix Security Analytics High-risk Events
Has the solution helped to surface high-risk events that require immediate action? If yes, please give examples.
Securonix has helped to surface high-risk events that require immediate action... [A] good example is correlating events with foreign travel, for instance. One of the things we have programmed in is HR data around a known last-day-worked. We've been able to correlate people whose last day at work was within 48 or 96 hours of having foreign travel booked. Those things, by themselves, don't really mean anything, but as part of a model they add to the score of someone who has data leakage events. We've used those factors successfully to increase the score of someone with leakage events and prioritize them so that we can react before the person has left the company and the country.View full review »
[Securonix] helps to surface high-risk events that require immediate action, such as identification of penetration testing.View full review »
As for the solution surfacing high-risk events that require immediate action, Securonix correlates different policy-violations together into what it calls threat models. There have been a few examples of threat models that have been triggered which gave us a high degree of confidence that there's a threat that we want to investigate right away. Using the threat models has really helped prioritize events of interest for us.View full review »