Haystax logo


Haystax Additional Resources

User Behavior Analytics

  • User Behavior Analytics, Redefined
  • Security Analytics Approaches that Don’t Work


    • Artificial Intelligence

  • Forrester: AI for Security
  • Data Science Packet


    • Insider Threats

  • Haystax Insights: To Catch an IP Thief
  • Top 5 Insider Threat Predictions
  • Insider Attacks Trends & Predictions 2018
  • SANS Institute: Defending Against the Wrong Enemy
  • Insider Attacks Insider Threat Study
  • 6 Steps to Reducing Risks from Malicious Insiders


    • Product Fact Sheets

  • Haystax for Insider Threats
  • Haystax for Account Compromise
  • Haystax for Continuous Evaluation
  • Haystax for Safety & Security_LE
  • Mobile Field Interview


    • Video: Insider Threat SOC Automation

    Haystax for Insider Threat is a sophisticated end-to-end Insider Threat Security Operations Center (InTh SOC) platform. Haystax's model-first User Behavior Analytics (UBA) continuously measures the trustworthiness of personnel in an organization, pinpointing early indications of the most serious risk from IP theft, sabotage, fraud, policy violations and other damaging behaviors. Starting with an expert model of insider risk behaviors, the platform integrates a wide array of network and non-network data that’s analyzed using a patented technology, and prioritized against the model. The system then displays the results within a sophisticated interface that interlaces multiple applications that automate or replace the SOC’s investigative workflow. With Haystax, risk and security professionals enable their existing program with speed, confidence and compliance.

    Federal SME Panel Webcast “Insider Attacks Survey”

    Our panel of subject matter experts as they discuss the latest findings from the “Insider Attacks” survey. Panelists will analyze results, share use cases and exchange lessons learned with the audience that will dynamically participate in the discussion during this live Webcast. Participants will leave with a strong sense of what the industry is experiencing and what peers are doing to tackle this growing threat.

    • The “Insider Attacks” study of more than 600 risk & InfoSec professionals found that privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations.
    • 56% percent of respondents reported that insider threats have become more frequent in the last 12 months.
    • 74 percent of organizations feel vulnerable to malicious insiders — a dramatic seven percentage point increase over last year’s survey.
    • Over 75 percent of companies estimating that insider breach remediation costs could reach $500,000.

    This webcast will provide attendees with:

    • The latest findings from Crowdsource Partners on the breath of the Insider Threat problem today.
    • Discussions on varying insider threat problems and use cases – Federal, Commercial & Public-Sector lessons learned.
    • Best practices to combat this growing challenge, to make sure you are taking efficient steps to reduce the risk.

    SANS Institute 2017 Insider Threat Survey Results: Defending Against the Wrong Enemy:

    Information security pros consistently rate insider threats as one of their top concerns, but often don't do much about it. According to the results of the 2015 SANS insider threat survey, 74% list insiders as among their top concerns, with 34% admitting to having been a victim of a successful insider breach that is estimated to cost their organization more than $1 million. Breaches caused by the misuse of insider credentials are so difficult to spot that 70% aren't noticed for months, according to the 2016 Verizon Data Breach Investigations Report. Sixty-three percent of breaches involving privileged access involved weak or stolen passwords, which is why the rapid growth of phishing and other credential-stealing tactics are growing so quickly. When it comes to preventing insider attacks, "prevention is more a state of mind than reality," according to SANS expert Eric Cole, Ph.D., author of the 2015 report Insider Threats and the Need for Fast and Directed Response. "Many organizations are still not creating and implementing insider threat programs and need to aggressively increase their focus to better protect the organization," Dr. Cole wrote in 2015. "They need to take aggressive steps to implement administrative and technical solutions for controlling the damage an insider can cause."

    This webcast will explore the survey results with emphasis on:

    • Top concerns related to internal threats.
    • What insider threat programs entail.
    • Maturity of such programs.
    • Tools used to detect and deter insider threats.
    • Whether organizations have improved their abilities to stop.malicious insiders without interfering with those doing their jobs.

    Research and Webinar lead by: Eric Cole, PhD Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.