What tools do you use for insider threat detection?

3.4k viewscircle icon16 Comments
Sort by:
Founder & CISO in Education3 years ago

A mix of Endpoint Detection, logging and monitoring from the IAM and PAM, SIEM, and DLP.

VP of Information Security in Finance (non-banking)3 years ago

There are number of tools that we use to detect insider threats, including but not limited to Splunk, SIEM, and DLP tools.

Director in Construction3 years ago

We focus on the tools with our Microsoft license

Director, Security Operations in Telecommunication3 years ago

We're using several different tools that provide for monitoring of these type activities, these include services available from Microsoft as a part of their Azure/O365 offering, as well as Privileged Access Management tools and 24x7 real-time log monitoring.

CIO/CISO in Healthcare and Biotech3 years ago

We use SIEM as our system of record for collecting/correlating insider threat information, along with data exfiltration protection (DLP/CASB). 

Content you might like

Yes, always35%

Yes, sometimes but not always55%

No5%

Unsure…5%

View Results

Lack of attribution visibility13%

Disconnected analytics tools63%

Manual reporting processes14%

No clear success benchmarks11%

View Results