What tools do you use for insider threat detection?

Risk Management
3.4k viewscircle icon16 Comments
Sort by:
Founder & CISO in Education3 years ago

A mix of Endpoint Detection, logging and monitoring from the IAM and PAM, SIEM, and DLP.

VP of Information Security in Finance (non-banking)3 years ago

There are number of tools that we use to detect insider threats, including but not limited to Splunk, SIEM, and DLP tools.

Director in Construction3 years ago

We focus on the tools with our Microsoft license

Director, Security Operations in Telecommunication3 years ago

We're using several different tools that provide for monitoring of these type activities, these include services available from Microsoft as a part of their Azure/O365 offering, as well as Privileged Access Management tools and 24x7 real-time log monitoring.

CIO/CISO in Healthcare and Biotech3 years ago

We use SIEM as our system of record for collecting/correlating insider threat information, along with data exfiltration protection (DLP/CASB). 

Content you might like

What sorts of tools are you currently using to inventory cryptography usage throughout the enterprise? (Choose all applicable)

Key management system or certificate life cycle management 15%

Network security appliance 46%

Custom/proprietary solution 31%

App security posture management (ASPM) tool 46%

Cryptographic posture management tool 23%

Something else

N/A

View Results

Do you use an ERM-system that also includes cyber security risk management? What tools or systems do you use?

To what extent do you agree or disagree with this statement: I'd prefer to leverage existing on-prem compliance, policies, controls and knowledge for cloud workloads over rebuilding security and compliance in the cloud.

Strongly Agree11%

Agree51%

Neutral17%

Disagree14%

Strongly Disagree6%

View Results

What are some best practices to follow when your organization is preparing to end a vendor relationship? What can you do to minimize the operational disruption that would result?

What key learnings has your organization gained from the cloud outages that we’ve seen this year with Azure, AWS or Cloudflare? Have any of these outage events led you to implement additional resilience measures, or make other changes?