QUOTE REQUEST
Enter your contact information and our manager will contact you
Insider threats management
Our client, a software development company, that worked with Fortune 500 and delivered insider threats management solutions, needed outstaffing support in a project related to company security.
During this project, our goal was to create a full-cycle insider threat protection platform for enterprises.
During this project, our goal was to create a full-cycle insider threat protection platform for enterprises.
Project details
Platform
Web & mobile
Services
Business Analytics,
Web & mobile development, QA,
Support & maintenance
Web & mobile development, QA,
Support & maintenance
Partnership
2020 – 2021
Hours spent
38k+
The situation
The main platform idea was to combine three critical insider security controls: activity monitoring, access management, and identity management. In addition, all functionality should be included in one universal platform delivering for all types of endpoints.
We also had to develop a smart alert system with an additional set of automatic incident response tools. Moreover, the client noticed the importance of per-endpoint and jump server deployments as well as any hybrid scheme. Also, it was challenging to consider all possible access management features like full-powered PASM, one-time passwords, multi-factor authentication, and others.
Another important task was to add real-time analytics to the platform for reviewing all company's ongoing events and processes.
We also had to develop a smart alert system with an additional set of automatic incident response tools. Moreover, the client noticed the importance of per-endpoint and jump server deployments as well as any hybrid scheme. Also, it was challenging to consider all possible access management features like full-powered PASM, one-time passwords, multi-factor authentication, and others.
Another important task was to add real-time analytics to the platform for reviewing all company's ongoing events and processes.
The solution
During this project, we:
- improved access control by adding session logging and activity auditing.
- developed an advanced screen video recording module with multi-layer indexing metadata.
- added possibility to track applications' names, visited URLs, opened files, typed commands, keystrokes, connected devices.
- developed a smart alert system to detect the incident as early as possible.
- built an AI-based UEBA system (User and Entity Behavior Analytics) to detect a hacker who has penetrated a corporate system.
- added the ability to install the platform on all company's computers remotely.
Technology stack
С++
.Net
PostgreSQL
SQL Server
Key results
Together with the client's team, we developed a platform that allows managing insider threats and protecting corporate information. The smart alert system we created, helps to identify and investigate the causes of incidents and also notifies weaknesses in the system and fishy situations in advance.
This solution offers clients for all popular operating systems and supports virtual environments as well as any network architecture. We also considered the possibilities for any hybrid enterprise architecture support. Thus, we have created a flexible and effective solution to ensure internal bank security and protect against threats.
This solution offers clients for all popular operating systems and supports virtual environments as well as any network architecture. We also considered the possibilities for any hybrid enterprise architecture support. Thus, we have created a flexible and effective solution to ensure internal bank security and protect against threats.
NEED HELP?
We will gladly help you!
Need help?
Just type your contacts