For over 25 years, Haystax has been the provider of world-class commercial software products for direct use by individuals in the agencies charged with protecting our communities, cities, and country. Thus, our product is one of the most widely deployed risk management software solutions, used by school, law enforcement, fire, emergency management, and other government agencies across the United States.

Image module

Haystax for School Safety

Haystax meets the constantly evolving challenges of providing safe learning environments for students, faculty, staff, and local security partners by integrating all vital incident and school facility information into a single, online platform.  Physical assessments and behavioral assessments along with the ability to report and monitor incidents on or near campus are hallmarks of Haystax for School Safety.  Know your threats sooner, respond faster, and effectively coordinate actions for all stakeholders.

Image module

Haystax for Public Safety

Law enforcement professionals are called upon daily to perform a broad range of tasks—from routine patrols, intelligence gathering and investigations to major crime and incident responses. Their challenge is to ensure public safety despite incomplete intelligence, limited cross-jurisdictional information sharing, and tight budgets. Haystax helps law enforcement agencies prepare for and respond to any crisis with a dynamic picture of emerging threats, rapid  intelligence-collection and incident-reporting tools, and a seamlessly integrated user environment that  ensures maximum collaboration and analytically sound command decisions for rapid response.

Image module

Haystax for Enterprise Security

Haystax has developed a suite of applications designed specifically to help corporate security decision-makers and analysts navigate this challenging environment. Haystax alerts corporate leaders to their most likely threats and natural hazards, provides critical security and operational information about each physical facility, regardless of its size or geographic location, and allows risk managers to identify and mitigate their biggest vulnerabilities. Moreover, the Haystax platform enables security teams to manage incidents and major events—from the ops center or out in the field.

Equipped with these insights, CSOs can better anticipate their risks, communicate with leadership and limit their company’s exposure to financial, legal and reputational liabilities.

PrevImage of Cyber Fraud model on laptopHow Bayesian Networks Glean Better Insights During Clearance Investigations05 July 2018NextFishtech Group Completes Acquisition of Haystax24 July 2018

Haystax Product Update: Redefining SOC Automation

July 13, 2018

Security operations teams in search of deeper threat hunting capabilities and more streamlined investigations of workforce risks will find the enhancements they seek in the latest release of Haystax Technology’s Haystax Analytics Platform.

Haystax provides unprecedented levels of automation and scalability and broader data visualizations than ever before possible. It is currently the only user behavior analytics (UBA) solution delivered via the cloud or on-premises that can display trustworthiness scores and multiple indicators of risk for every employee in an organization on a single screen, from lowest to highest risk, even when there are tens of thousands of employees (image, below).

Risk scores are continuously updated by the Bayesian behavioral model that sits at the heart of Haystax. With the recent enhancements, security operations center (SOC) analysts and threat specialists can now isolate each individual within the model view to ascertain exactly what events are triggering a change in their risk score (image, below). Unlike the often overwhelmed analyst, the model produces consistent, comprehensive and analytically defensible results without ever getting tired or needing a day off.

The ability to zero in quickly on an extremely small high-risk population will save threat hunters hundreds of hours they would normally spend scouring through multiple security systems. The core trustworthiness-related hypotheses and supporting evidence they need — from changes in risk scores to specific events that indicate financial, personal or professional stressors — are already built in to the model and the Haystax environment.

Another new feature is an enhanced data connector framework that makes it easier to bring in additional kinds of data for use as evidence in the model. Most other security systems started only with network data and are now having to tack on new sources to improve their results.  Haystax applies network data but has always connected to numerous non-network sources like HR records, travel and expense reports, printer logs, access badge data and digital media feeds to provide a more holistic whole-person view of workforce risk. The latest enhancements automate much of the work needed to define events from this data and map them directly to the model.

In the newest version, moreover, events now act as complementary evidence to incidents in Haystax. Incidents (e.g., “Low trust score” or “Change in trustworthiness”) are created automatically when an individual’s risk profile crosses a predetermined threshold or changes by more than a certain percentage when model beliefs are updated with new data.

An event, by contrast, can be one of dozens of specific behaviors or actions that triggered a change in score, such as “Inserts Prohibited Device,” “Unsatisfactory Performance Rating,” “Performs Internet Gambling,” or “Cash Embezzlement Case.” Events also include positive life milestones like “Received Masters’ Degree” or “Full Time Employment.”

Details of all events and incidents related to an individual are displayed on the profile page of that person (image, above), giving the analyst a full array of supporting information directly within the Haystax environment as to why an individual’s risk score went up or down. Since personnel information is sensitive, Haystax also has a redaction feature that replaces names, titles and other information of a personally revealing nature with alphanumeric characters. Importantly, these can be unredacted by senior managers in major risk investigations.

Additional Haystax feature enhancements in this release are likewise intended to improve the ease and flow of high-pressure analytic and decision-making operations and thus further automate the SOC. They include:

  • Viewing Options: New screen layout functions in the Haystax interface give users the ability to arrange individual information panes within each app to mirror their particular job priorities and workflows. Analysts monitoring high-risk individuals, for example, can position their model results timeline at the top of a profile page, enlarge several other panes that are part of their daily analytic workflows and hide unused panes for greater screen clarity. Besides the Haystax Assets app that tracks individuals, the layout feature is enabled for Incidents, Events and other apps. Each user can have his or her own layout template, and Haystax will remember the setting every time a new session is initiated.
  • Communications: Users have the option of receiving a daily email detailing every action taken across their Haystax tenant in the previous 24 hours. This Daily Digest will report, for example, how many assessments or individual incidents were created, or events or incidents generated, providing a way for users to quickly catch up on the activities of others in their tenant.

 

Related posts