BEACON

BEACON provides automated workflow and case management of risk alerts to detect, assess and secure against the risk of anomalous behavior.

Insider threat audit relies on several key technology platforms to deliver and aggregate the required data for effective detection, analysis and resolution or investigation. Depending on the event, a repeatable workflow process is tailored to the alert and an organization’s normal operating procedures.

Analysts utilize contextual information to help determine if the anomaly is within the scope of expected role behaviors or it if warrants escalation. When escalation is recommended, the analyst creates a package which contains all the relevant data regarding the alert/behavior and all collected contextual information. The Escalation Package is transferred to an appropriate investigative authority.

BEACON tracks and documents all of the analyst’s activities to ensure that chain of custody is maintained for reported data and escalation packages. Whether benign or malicious, all activity is captured and stored for future reference and statistical purposes.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s