skip to Main Content

Stop Insiders Before

You’re on the Outside.

SS8 Insider Threat Detection generates and analyzes high-definition network records from internal communications, providing a proactive solution to identify and retrieve key activities from users across your computer network.

Resources

“We had a key executive leave our organization and needed to know if other executives on the team would follow him out the door. SS8 gave us the answer.”

INSIDER THREAT DETECTION KEY COMPONENTS

Key Components

The SS8 Insider Threat Detection (ITD) solution provides the proactive alerting and investigation workflow needed to precisely identify suspected insiders and track their pattern of life within the network.

Sensor + PXE
Deployed on the internal network to records East/West traffic

Enrichment
User ID collected and correlated via directory store (Active Directory, DHCP)

Analytics
SS8 DRAP engine stores and scores user/device activity over time

ITD Discovery
SS8 ITD discovery interface alerts on flagged users, and enables querying of file transfer activity

Intellego
SS8 Intellego can examine full packet and perform reconstruction

INSIDER THREAT DETECTION KEY COMPONENTS

Key Components

The SS8 Insider Threat Detection (ITD) solution provides the proactive alerting and investigation workflow needed to precisely identify suspected insiders and track their pattern of life within the network.

USE CASES

Insider Threat Detection

BLIND SPOT

Where you did not have visibility before, visualize sensitive and/or classified information flowing internally.

STATE SECRETS

For national governments or intelligence organizations, prevent highly sensitive intelligence information from compromising national security.

EMPLOYEE FLIGHT RISKS

Head-off your best employees leaving the building with your intellectual property.

ADDITIONAL FEATURES AND BENEFITS

Enrich Activities

SS8 can enrich a recorded history of network behaviors with user, device, and location information, helping you answer more specifics about an insider threat.

Apply Analytics

SS8 applies recursive analytics to a suspected insider’s pattern of life on the network, enabling you to spot behaviors that would indicate malicious intent.

 

Stop Malicious Intent

Protect your IP by detecting large file transfers, repeated small file transfers, and device connections with unauthorized servers or personal cloud-storage.