INSIDER THREAT SECURITY BLOG

There are many sources of motivation for hackers and bad actors to do what they do, but ransomware attacks are driven by two primary motives; money and destruction. However, even though there are dozens of ransomware variants with new mutations being discovered weekly, they all exhibit the same common behavior; large volumes of file modifications in short periods of time. If you’re going to do this, you need to detect unusual or abnormally high file system activity in short timeframes as well…

Data is like a precious metal to a business. Like any precious metal it has to be found, extracted, valued, and refined before it can be truly useful. Understanding how precious data is to an organization leads us down the path of needing to know who has access to what data within the organization. The practice of understanding who has access to what has become known as Access Governance. With the emergence of cloud technology, governance has taken on a new dimension. The four walls of the da…

Is Stealthbits a competitor to Varonis? Well, does Coca-Cola compete with Pepsi? Does Ford compete with Chevrolet? Does Apple compete with Microsoft? The answer is quite simply, yes. However, that’s not what Varonis CEO Yaki Faitelson would tell you. Take a look at this transcript from the Q3 2015 Varonis Systems Inc. Earnings Call held on November 5, 2015: http://finance.yahoo.com/news/edited-transcript-vrns-earnings-conference-075006681.html. When asked by Scott Zeller, an analyst with Ne…

Here’s a line I’m sure our competitors would like to take out of context: STEALTHbits is not in the business of protecting data. We’re actually in the business of protecting sensitive data. Of course, this may be a distinction without a difference. In today’s data security environment, it seems like just about everything could be sensitive under the right circumstances. Come on, Jeff. No one cares if the bad guys penetrate the network and make off with pictures from the company’s Wednes…

Understanding who is opening another user’s mailbox is an integral Compliance requirement within any regulated institution. Whether Security needs to monitor executive mailboxes for users probing for information on confidential material, or find the Exchange administrators taking advantage of their elevated mailbox support rights, it is pertinent to have a single consolidated view that highlights these access violations. Data leakage can cause both financial and reputational damage to an org…

The Securities and Exchange Commission is responsible for, among other duties, enforcing insider trading laws. In so doing, it needs to know which trades are suspiciously profitable and warrant investigation, and which are routine. In other words, they need valuable information. Each day, millions of securities trades are completed, and each one is meticulously recorded in a database somewhere. The SEC has access to all that data… And it’s worthless. It takes sophisticated algorithms th…

Let’s face it. Varonis has smart people. Stealthbits has smart people. Varonis doesn’t have super-secret technology that only their smart people can develop, and neither does Stealthbits. The difference between the two solutions lies in corporate history, market philosophy, and, frankly, a real-time security capability Varonis simply doesn’t offer. History History is powerful. The remnants of decisions made somewhat arbitrarily a thousand years ago still impact us today. Think about it. Som…

In the original Wall Street movie (1987), an ambitious Bud Fox (Charlie Sheen) literally buys an office building cleaning company so he can gain access to sensitive, nonpublic information on which he can profit from illegal stock trades. He dons a cleaning company supervisor uniform, brings a small camera and hand-held portable copier, and begins surreptitiously searching through file cabinets for financial information, merger and acquisition legal documents, and other data that will give him…

This week the FBI and DHS issued a “Public Service Announcement” about insider threat. I’ve written a lot about insider threat over the years. It’s always been something that needs more focus and attention than it gets. In part, this is because it doesn’t make as sexy a headline as “Hacker Steals Everything!!!” Certainly, there have been a lot of those lately. I go see customers and we’re there specifically to talk about things relevant to insider threat: employee access, over-provisioning of…

Last week, we talked about the headache-inducing security fault known as Open Access. Now, let us be your Advil. For the past decade, STEALTHbits has been working with many of the largest, most complex organizations in the world to perform content collection and analysis across their technology infrastructure. Through these operations, we have developed an advanced workflow process to support complicated organizations along with more streamlined ones. Each organization has a unique structu…