|
ArcSight ESM and the Insider Threat Package acts as an early warning system designed to detect suspicious activity, such as printing large numbers of files outside of business hours, emailing large attachments to personal email accounts, employee communication with competitors or the clearing system audit logs to cover up one\`s tracks. In addition to the early warning system, the Insider Threat package also includes information leak and IT sabotage-specific detection capabilities such as real-time rules designed to identify inappropriate access or transmission of sensitive data, or internal use and presence of hacking tools.
|
 |
Enemy at the Water Cooler: Real-Life Stories of Insider Threats and Enterprise Security Management Countermeasures
Book by Brian Contos, CISSP, CSO of ArcSight
|
Related Resources
|
|
White Paper: Addressing Insider Threats With ArcSight ESM |
|
|
Top 10: A Guide to Selecting a SIM Solution for Insider Threat |
|
|
Solution Brief: Addressing Insider Threats |
Webinars
-
Secrets, Sabotage and Subversion: Managing the Insider Threat
-
Citizens, Delinquents and Rogues: Putting a Face on Insider Threat
-
Enemy at the Water Cooler: Identifying Insider Threats
Podcasts
- Hot Seat: Insider Threat Video
Network World, September 2006
- Enemy at the Water Cooler
Cyberspeak, August 2006
- Enemy at the Water Cooler: True Stories of Insider Threats and Countermeasures
Network Security, July 2006
- Identifying Insider Threats
Sploitcast, July 2006
- The Enemy Within
ZDnet, June 2006
- ArcSight & Intrusic--An Insider Threat Primer
May 2006 | 
