The latest release of the Digital Guardian Analytics & Reporting Cloud (ARC) contains a new insider risk workspace that can give information security teams greater visibility into insider threat activity. Read on for more details.
Whether intentionally or inadvertently, insiders remain a frequent source of data loss for organizations. Security leaders need a way to assess the risk of users both proactively and reactively. Digital Guardian's new insider risk workspace gives administrators that visibility. From the main alarm screen, analysts can right click on any user and dive into a user specific risk workspace.
Once in this view, analysts can see a timeline of risky behavior to quickly assess the individual, then dive in for more detail if needed. Security teams can gain visibility into the machines individuals have used, the applications launched - including number of times, classified file access, and any suspicious processes that may be associated with that user.
From here, the analyst can make a more informed decision about whether the users' actions require more investigation and action. DG simplifies any investigations; these user activities can be dragged into an investigation to automate the process of building the timeline.
Both the Teams integration and the insider risk workspace are included for all Digital Guardian customers of either our SaaS platform or our managed security offering.
