Detecting Malicious Insiders and Imposters by Monitoring User Journeys in Enterprise Applications
and Malicious Insiders
in Business Applications with User Journey Analytics
Detects fraud and security threats at the application layer
Supports custom-built, cloud and SaaS applications
Reduced complexity and increased accuracy over rules-based solutions
User Journey Analytics - Increased Accuracy, Reduced TCO
User Journey Analytics is based on the analysis of activity sequences performed while using an application, in contrast with UEBA, which analyzes each activity on its own and then builds a timeline. The sequence provides enriched context for anomaly detection and enables better accuracy based on journeys, as opposed to outcomes. Higher quality alerts means security analysts reduce wasted time on false positives.
Leveraging RevealSecurity’s patented clustering engine - tailored for clustering user journeys - TrackerIQ automatically learns multiple journey profiles per user across applications. Detecting anomalous journeys by comparing users to themselves and their peers provides an extremely high signal-to-noise ratio.
The detection model is applied to any SaaS or custom-built application, analyzing user journeys in and across applications to detect anomalies. This model eliminates the need to understand business application logic and no rules are required.
TrackerIQ complements XDR solutions at the business application layer to detect threats and fraud. Existing detection solutions are focused on the infrastructure layers and on access to business applications, resulting in very limited effectiveness against malicious insiders as well as external attackers who succeed to bypass authentication mechanisms.