User activity-monitoring and analysis provider SpectorSoft on April 16 incorporated a new wrinkle into its frontline product: behavior-based alerting, so users can better detect and prevent insider threats.
It's clearly a trend that security providers of various types are including analytics-based elements in their solutions to gather more data, and therefore visibility, about intrusionists.
The Vero Beach, Fla.-based company's Spector 360 Recon 8.3 for small, midsized and large enterprises now includes user behavior analytics to help enterprises detect insider threats, targeted attacks and financial fraud. The product does this by looking at patterns of human behavior and then applying algorithms and statistical analysis to detect meaningful anomalies from those patterns—events that indicate potential threats.
Spector 360 Recon acts as both an early warning system and insurance policy, ensuring that organizations have the ability to proactively detect and respond to insider threats while serving as a deterrent against insiders acting in ways that put organizations at risk.
The new anomaly detection in Recon 8.3 clearly identifies when user behavior deviates from a baseline set. It also can be tailored to refine the type and number of alerts sent by the system based on the company's business requirements and personal level of acceptable risk.
Recon 8.3 detects and alerts on anomalous behavior related to file interactions and movement, printing, cloud storage usage, removable media usage and email as these are typical paths for insiders to use to take intellectual property.