Site logo
Sticky header logo
GET A DEMO
  • PLATFORM
  • SOLUTIONS
    • For School Safety
    • For Event Security
    • For Law Enforcement
    • For Emergency Management
    • For Fire Safety
    • Public Safety Services
  • ABOUT
    • Leadership Team
    • Our Data Science
    • Careers
    • Case Studies
    • Awards
    • Login
  • BLOG
  • RESOURCES
  • CONTACT
Mobile logo
Sticky header logo
Mobile logo
Sticky header logo
Advanced Threat Analytics Analytics artificial intelligence Bayesian networks cloud solutions cybersecurity emergency response Enterprise Threat Management events field intelligence first responders Haystax Haystax Analytics Haystax Analytics Platform Haystax Technology incident management Insider Threat law enforcement Media Coverage mobile apps Modeling public safety Public Safety Cloud risk management school safety security analytics situational awareness threat analytics threat monitoring user behavior analytics
PrevHaystax Product Update: Workflow-Driven Analytics for Actionable Threat Hunting19 March 2018Nextschool safety assessmentWant Safer Schools? Start with an Assessment19 April 2018
  • Technology & Data Science

Gaussian Processes with Spectral Mixture Kernels to Implicitly Capture Hidden Structure from Data

March 20, 2018
Gaussian processes

For purposes of scientific discovery, the field of insider-threat detection often lacks sufficient amounts of time-series training data. Moreover, the limited data that are available are quite noisy. For instance, Greitzer and Ferryman (2013) state that ‘ground truth’ data on actual insider behavior is typically either not available or is limited. In some cases, one might acquire real data, but for privacy reasons there is no attribution of any individuals relating to abuses or offenses (i.e., there is no ground truth). The data may contain insider threats, but these are not identified or knowable to the researcher (Greitzer and Ferryman, 2013; Gheyas and Abdallah, 2016).

The Problem

Having limited and quite noisy data for insider-threat detection presents a major challenge when estimating time-series models that are robust to overfitting and have well-calibrated uncertainty estimates. Most of the current literature in time-series modeling for insider-threat detection is associated with two major limitations. First, the methods involve visualizing the time series for noticeable structure and patterns such as periodicity, smoothness and growing/decreasing trends, and then hard-coding these patterns into the statistical models during formulation. This approach is suitable for large datasets where more data typically provides more information to learn expressive structure. Given limited amounts of data, such expressive structure may not be easily noticeable. For instance, the figure below shows monthly attachment sizes in emails sent by an insider from his employee account to his home account. Trends such as periodicity, smoothness and growing/decreasing trends are not easily noticeable.

 

Second, most of the current literature focuses on parametric models that impose strong restrictive assumptions by pre-specifying the functional form and number of parameters. Pre-specifying a functional form for a time-series model could lead either to overly complex model specifications or to simplistic models. It is difficult to know a priori the most appropriate function to use for modeling sophisticated insider-threat behavior that involves complex hidden patterns and many other influencing factors.

Haystax Technology conducted a research study to address these problems.

Data Science Questions

Given the above limitations in the current state-of-art, our study formulated the following three data science questions: Given limited and quite noisy time-series data for insider-threat detection, is it possible to perform:

  1. Pattern discovery without hard-coding trends into statistical models during formulation?
  2. Model estimation that precludes pre-specifying a functional form?
  3. Model estimation that is robust to overfitting and has well-calibrated uncertainty estimates?

Hypothesis

To answer these three questions and address the limitations described above, our study formulated the following hypothesis:

By leveraging current state-of-the-art innovations in nonparametric Bayesian methods, such as Gaussian processes with spectral mixture kernels, it is possible to perform pattern discovery without prespecifying functional forms and hard-coding trends into statistical models.

Methodology

To test our hypothesis, a nonparametric Bayesian approach was proposed to implicitly capture hidden structure from time series having limited data. The proposed model, a Gaussian process with a spectral mixture kernel, precludes the need to pre-specify a functional form and hard-code trends, is robust to overfitting and has well-calibrated uncertainty estimates.

(Mathematical details of the proposed model formulation are described in a corresponding paper that can be found on arXiv through the following link: Emaasit, D. and Johnson, M. (2018). Capturing Structure Implicitly from Time-Series having Limited Data. arXiv preprint arXiv:1803.05867.)

A brief description of the fundamental concepts of the proposed methodology is as follows: Consider for each data point, i, that y_i represents the attachment size in emails sent by the insider to his home account and x_i is a temporal covariate, such as month. The task is to estimate a latent function, f, which maps input data x_i to output data y_i for i = 1, 2, \ldots{}, N, where N is the total number of data points. Each of the input data x_i is of a single dimension D = 1, and \textbf{X} is a N x D matrix with rows x_i.

The observations are assumed to satisfy:
\begin{equation}\label{eqn:additivenoise}
y_i = f(x_i) + \varepsilon, \quad where \, \, \varepsilon \sim \mathcal{N}(0, \sigma_{\varepsilon}^2)
\end{equation}
The noise term, \varepsilon, is assumed to be normally distributed with a zero mean and variance, \sigma_{\varepsilon}^2. Latent function f represents hidden underlying trends that produced the observed time-series data.

Our study proposed a prior distribution, p(\textbf{f}), over an infinite number of possible functions of interest given that it is difficult to know a priori the most appropriate functional form to use for f. A natural prior over an infinite space of functions is a Gaussian-process (GP) prior (Williams and Rasmussen, 2006). A GP is fully parameterized by a mean function, \textbf{m}, and covariance function, \textbf{K}_{N,N}, denoted as:
\begin{equation}\label{eqn:gpsim}
\textbf{f} \sim \mathcal{GP}(\textbf{m}, \textbf{K}_{N,N}),
\end{equation}

The posterior distribution over the unknown function evaluations, \textbf{f}, at all data points, x_i, was estimated using Bayes theorem, as follows:
\begin{equation}\label{eqn:bayesinfty}
\begin{aligned}
p(\textbf{f} \mid \textbf{y},\textbf{X}) &= \frac{p(\textbf{y} \mid \textbf{f}, \textbf{X}) \, p(\textbf{f})}{p(\textbf{y} \mid \textbf{X})} = \frac{p(\textbf{y} \mid \textbf{f}, \textbf{X}) \, \mathcal{N}(\textbf{f} \mid \textbf{m}, \textbf{K}_{N,N})}{p(\textbf{y} \mid \textbf{X})},
\end{aligned}
\end{equation}
where:

p(\textbf{f}\mid \textbf{y},\textbf{X}) = the posterior distribution of functions that best explain the email-attachment size, given the covariates
p(\textbf{y} \mid \textbf{f}, \textbf{X}) = the likelihood of email-attachment size, given the functions and covariates
p(\textbf{f}) = the prior over all possible functions of email-attachment size
p(\textbf{y} \mid \textbf{X}) = the data (constant)

This posterior is a GP composed of a distribution of possible functions that best explain the time-series pattern.

Experiments

Raw data and sample formation

The insider-threat data used for empirical analysis in this study was provided by the Computer Emergency Response Team (CERT) division of the Software Engineering Institute at Carnegie Mellon University. The particular case used is a known insider who sent information as email attachments from his work email to his home email. The pydata software stack including packages such as pandas, numpy, matplotlib, seaborn and others, was used for data manipulation and visualization. The figure below shows that email attachment sizes increased drastically in March and April 2011.

Empirical analysis

In the figure below, the first 10 data points (shown in black) were used for training and the rest (in blue) for testing. The figure also shows that the GP model with a spectral mixture kernel is able to capture the structure implicitly both in regions of the training and testing data. The 95% predicted credible interval contains the ‘normal’ size of email attachments for the duration of the measurements. The GP model was also able to detect both of the anomalous data points, shown in red, that fall outside of the 95% predicted credible interval.

 

An ARIMA model was estimated using the methodology in the statsmodels Python package for comparison. The figure below shows that the ARIMA model is poor at capturing the structure within the region of testing data. This finding suggests that ARIMA models have poor performance for small data without noticeable structure. The 95% confidence interval for ARIMA is much wider than the GP model showing a high degree of uncertainty about the ARIMA predictions. The ARIMA model is able to detect only one anomalous data point in April 2011, missing the earlier anomaly in March 2011.

 

It’s important to note that the machine-learning approach described above is able to predict anomalous data points such as unusually large email attachment sizes, but it does not tell us why this behavior happened. Knowledge about causality is often locked in the brains of domain experts (adjudicators, threat experts, psychologists, HR professionals, etc.) who understand the behavior of humans and the leading indicators of insider threat activity. Data scientists need to capture this domain knowledge and combine it with machine-learned indicators in order to understand this behavior.

At Haystax, we go about this critical step by capturing expertise in a probabilistic (i.e., Bayesian) model and feeding many machine-learned indicators to understand/predict the risk score of an insider. In the next blog post, we will demonstrate this approach by using machine learning to extract more anomalous events related to this user and feed them into a probabilistic model of their risk score.

Daniel Emaasit is a Data Scientist at Haystax Technology. For a more detailed treatment of this study, please see Daniel’s blog.

Source code

For interested readers, two options are provided below to access the source code used for empirical analyses:

  1. The entire project (code, notebooks, data and results) can be found here on GitHub.

2. Click this icon Binder to open the notebooks in a web browser and explore the entire project without downloading and installing any software.

References

  1. Emaasit, D. and Johnson, M. (2018). Capturing Structure Implicitly from Noisy Time-Series having Limited Data. arXiv preprint arXiv:1803.05867.
  2. Williams, C. K. and Rasmussen, C. E. (2006). Gaussian processes for machine learning. The MIT Press, 2(3):4.
  3. Knudde, N., van der Herten, J., Dhaene, T., & Couckuyt, I. (2017). GPflowOpt: A Bayesian Optimization Library using TensorFlow. arXiv preprint arXiv:1711.03845.
  4. Wilson, A. G. (2014). Covariance kernels for fast automatic pattern discovery and extrapolation with Gaussian processes. University of Cambridge.
  5. Greitzer, F. L. and Ferryman, T. A. (2013). Methods and metrics for evaluating analytic insider threat tools. Security and Privacy Workshops (SPW), 2013 IEEE, pages 90–97. IEEE.
  6. Gheyas, I. A. and Abdallah, A. E. (2016). Detection and prediction of insider threats to cybersecurity: a systematic literature review and meta-analysis. Big Data Analytics, 1(1):6.
  • anomaly detection
  • ARIMA
  • artificial intelligence
  • Bayesian networks
  • Gaussian process
  • Insider Threat
  • insider-threat detection
  • Kernels
  • machine learning
  • Nonparametric Bayesian Methods
  • Time-series

Related posts

Policy & Practice 2021 Insider Threat Lessons Learned
September 30, 2021in Policy & Practice 0 Comments 1 Likes

2021 Insider Threat Lessons Learned

Company News Haystax Insider Threat Expert Contributes to INSA Paper
September 21, 2021in Company News 0 Comments 0 Likes

Haystax Insider Threat Expert Contributes to INSA Paper

Policy & Practice Insider Threat
September 3, 2021in Policy & Practice 0 Comments 4 Likes

Insider Threats Are Evolving – Fast

Product Updates Introducing: A Managed Service for Proactive Insider Threat Detection & Response
June 28, 2021in Product Updates 0 Comments 3 Likes

Introducing: A Managed Service for Proactive Insider Threat Detection & Response

Policy & Practice Using Commercially Available Data to Detect Insider Threats
April 7, 2021in Policy & Practice 0 Comments 2 Likes

Using Commercially Available Data to Detect Insider Threats

Technology & Data Science Two Essential Tools for Successful Insider Risk Mitigation – Part 1
October 11, 2020in Technology & Data Science 0 Comments 5 Likes

Two Essential Tools for Successful Insider Risk Mitigation – Part 1

Policy & Practice Insider Threat Program Lessons Learned
September 29, 2020in Policy & Practice 0 Comments 0 Likes

Insider Threat Program Lessons Learned

Policy & Practice Six Tips for Boosting Your Insider Threat Deterrence Capabilities
September 16, 2020in Policy & Practice 0 Comments 0 Likes

Six Tips for Boosting Your Insider Threat Deterrence Capabilities

Technology & Data Science Counting the Costs of an Insider Attack
September 9, 2020in Technology & Data Science 0 Comments 4 Likes

Counting the Costs of an Insider Attack

Policy & Practice CDM Publishes Haystax Article on Proactive Insider Threat Mitigation
July 13, 2020in Policy & Practice 0 Comments 3 Likes

CDM Publishes Haystax Article on Proactive Insider Threat Mitigation

Product Updates assessment
April 15, 2020in Product Updates 0 Comments 7 Likes

Haystax Product Update: Insider Threat and Facility Assessments

Policy & Practice Dark Reading: Haystax Insider Threat Expert Discusses High-Risk Assets
April 6, 2020in Policy & Practice 0 Comments 1 Likes

Dark Reading: Haystax Insider Threat Expert Discusses High-Risk Assets

Company News Haystax Wins Triple Gold in Cybersecurity Excellence Awards
February 21, 2020in Company News 0 Comments 6 Likes

Haystax Wins Triple Gold in Cybersecurity Excellence Awards

Technology & Data Science Can Employee Wellness Programs Help Avert an Insider Attack?
January 17, 2020in Technology & Data Science 0 Comments 3 Likes

Can Employee Wellness Programs Help Avert an Insider Attack?

Technology & Data Science Self-Driving Cars and Insider Risk
December 27, 2019in Technology & Data Science 0 Comments 6 Likes

Self-Driving Cars and Insider Risk

Policy & Practice Insider Threat Mitigation: The ‘Whole’ Story
December 18, 2019in Policy & Practice 0 Comments 0 Likes

Insider Threat Mitigation: The ‘Whole’ Story

Policy & Practice Finding Edward Snowden: A Haystax Use Case
December 6, 2019in Policy & Practice 0 Comments 3 Likes

Finding Edward Snowden: A Haystax Use Case

Policy & Practice The doctor supports a symbol of protection of health.
November 22, 2019in Policy & Practice 0 Comments 1 Likes

The Healthcare Industry Has a Remedy for Insider Threats

Company News A New Way to Hunt Insider Threats
October 23, 2019in Company News 0 Comments 1 Likes

A New Way to Hunt Insider Threats

Product Updates Haystax Product Update: Communications and Logging
October 18, 2019in Product Updates 0 Comments 3 Likes

Haystax Product Update: Communications and Logging

Policy & Practice Continuous Evaluation Could Save Billions, RAND Says
September 30, 2019in Policy & Practice 0 Comments 0 Likes

Continuous Evaluation Could Save Billions, RAND Says

Policy & Practice Finding Ana Montes: A Haystax Use Case
September 24, 2019in Policy & Practice 0 Comments 0 Likes

Finding Ana Montes: A Haystax Use Case

Technology & Data Science A Risk-Based, Data-Driven Approach to Continuous Vetting
September 18, 2019in Technology & Data Science 0 Comments 0 Likes

A Risk-Based, Data-Driven Approach to Continuous Vetting

Product Updates Haystax Product Update: Empowering Tenant Admins
September 12, 2019in Product Updates 0 Comments 5 Likes

Haystax Product Update: Empowering Tenant Admins

Policy & Practice Insider Threat
July 11, 2019in Policy & Practice 0 Comments 2 Likes

Most UBA Doesn’t Actually Focus on the User

Policy & Practice GDPR, One Year Later
May 25, 2019in Policy & Practice 0 Comments 1 Likes

GDPR, One Year Later

Technology & Data Science Multiple-Persona Disorder: Understanding All Your Insider Threats
April 30, 2019in Technology & Data Science 0 Comments 1 Likes

Multiple-Persona Disorder: Understanding All Your Insider Threats

Product Updates Haystax Product Update: Streamlined Data, Photo and File Management
April 10, 2019in Product Updates 0 Comments 6 Likes

Haystax Product Update: Streamlined Data, Photo and File Management

Company News Sasi Mudigonda Joins Haystax Executive Team
March 13, 2019in Company News 0 Comments 5 Likes

Sasi Mudigonda Joins Haystax Executive Team

Company News cybersecurity
February 22, 2019in Company News 0 Comments 1 Likes

Haystax Wins Cybersecurity Excellence Gold Award

Technology & Data Science Fraud
January 31, 2019in Technology & Data Science 0 Comments 3 Likes

Small Businesses Most Vulnerable to Insider Fraud

Policy & Practice Insider Threat Maturity Framework: An Analysis
November 27, 2018in Policy & Practice 0 Comments 0 Likes

Insider Threat Maturity Framework: An Analysis

Product Updates Haystax Product Update: Functionality Enhancements
November 19, 2018in Product Updates 0 Comments 4 Likes

Haystax Product Update: Functionality Enhancements

Policy & Practice h
October 29, 2018in Policy & Practice 0 Comments 1 Likes

‘Last-Mile’ Workflows for Tighter SOC Responses

Technology & Data Science Gleaning Deeper Insights from Badge Data – Part 2
October 8, 2018in Technology & Data Science 0 Comments 3 Likes

Gleaning Deeper Insights from Badge Data – Part 2

Company News Haystax Talks Probabilistic Modeling at MIT
October 2, 2018in Company News 0 Comments 0 Likes

Haystax Talks Probabilistic Modeling at MIT

Technology & Data Science Gleaning Deeper Insights from Badge Data – Part 1
September 23, 2018in Technology & Data Science 0 Comments 1 Likes

Gleaning Deeper Insights from Badge Data – Part 1

Policy & Practice Insider Threat, Security Analytics
September 21, 2018in Policy & Practice 0 Comments 0 Likes

Personal Trust Scoring Gains Acceptance

Technology & Data Science Get the Data You Need
September 17, 2018in Technology & Data Science 0 Comments 4 Likes

Get the Data You Need

Company News x
September 7, 2018in Company News 0 Comments 1 Likes

Haystax VP Writes Article on Insider Threat Mitigation Techniques

Company News Fishtech
August 20, 2018in Company News 0 Comments 1 Likes

At the Fishtech Pro Tour: UBA for Insider Threat

Company News INSA Publishes Framework for Insider Threat Analytics
August 10, 2018in Company News 0 Comments 1 Likes

INSA Publishes Framework for Insider Threat Analytics

Product Updates Haystax Product Update: Redefining SOC Automation
July 13, 2018in Product Updates 0 Comments 1 Likes

Haystax Product Update: Redefining SOC Automation

Technology & Data Science Image of Cyber Fraud model on laptop
July 5, 2018in Technology & Data Science 0 Comments 2 Likes

How Bayesian Networks Glean Better Insights During Clearance Investigations

Technology & Data Science insider threat
June 25, 2018in Technology & Data Science 0 Comments 1 Likes

The Case of the ‘Disgruntled’ Tesla Insider

Policy & Practice Cyber security
June 12, 2018in Policy & Practice 0 Comments 0 Likes

Integrated Risk Management Comes of Age

Technology & Data Science Principled AI with Probabilistic Machine Learning
May 29, 2018in Technology & Data Science 0 Comments 3 Likes

Principled AI with Probabilistic Machine Learning

Company News insider threat
May 25, 2018in Company News 0 Comments 1 Likes

Haystax Technology VP to Discuss Insider Threat Mitigation at DoDIIS Event

Technology & Data Science Gartner Sees Evolving UBA Market
May 20, 2018in Technology & Data Science 0 Comments 1 Likes

Gartner Sees Evolving UBA Market

Company News cybersecurity
May 16, 2018in Company News 0 Comments 1 Likes

Haystax Technology Named to Cybersecurity 500 List

Company News Gartner Highlights Haystax Technology in UEBA Guide
May 11, 2018in Company News 0 Comments 0 Likes

Gartner Highlights Haystax Technology in UEBA Guide

Company News cybersecurity
April 20, 2018in Company News 0 Comments 0 Likes

Haystax Technology CEO to Speak on Cybersecurity

Product Updates Haystax Product Update: Workflow-Driven Analytics for Actionable Threat Hunting
March 19, 2018in Product Updates 0 Comments 0 Likes

Haystax Product Update: Workflow-Driven Analytics for Actionable Threat Hunting

Company News cyber
February 28, 2018in Company News 0 Comments 0 Likes

Haystax Technology is Red Hot Cyber Awardee

Company News insider threats
February 27, 2018in Company News 0 Comments 0 Likes

Haystax Technology Study: Most Companies Feeling Vulnerable to Insider Attacks

Policy & Practice Security Analytics and the GDPR’s ‘Right to Explanation’
February 26, 2018in Policy & Practice 0 Comments 0 Likes

Security Analytics and the GDPR’s ‘Right to Explanation’

Company News cybersecurity
February 8, 2018in Company News 0 Comments 1 Likes

Haystax Technology Takes Gold in Cybersecurity Excellence

Company News Cybersecurity
February 2, 2018in Company News 0 Comments 1 Likes

Haystax Technology is Finalist for 2018 Cybersecurity Excellence Award

Company News Haystax Technology
January 31, 2018in Company News 0 Comments 1 Likes

Haystax Technology Named as Key Risk Management Platform Company

Company News insider threat
January 24, 2018in Company News 0 Comments 1 Likes

Haystax Technology and Syntelligent Sign Reseller Agreement

Technology & Data Science Insider threats
January 8, 2018in Technology & Data Science 0 Comments 3 Likes

Mitigating Insider Threats Using Bayesian Models

Technology & Data Science Machine Learning: Expertise vs. Coverage
December 26, 2017in Technology & Data Science 0 Comments 1 Likes

Machine Learning: Expertise vs. Coverage

Product Updates Haystax Product Update: Improving Assessment Functionality, User Workflows
December 20, 2017in Product Updates 0 Comments 0 Likes

Haystax Product Update: Improving Assessment Functionality, User Workflows

Technology & Data Science Using AI to Extract High-Value Threat Intel from Data
November 30, 2017in Technology & Data Science 0 Comments 2 Likes

Using AI to Extract High-Value Threat Intel from Data

Company News Haystax Technology Named Red Herring 2017 Top 100 Global Winner
November 20, 2017in Company News 0 Comments 1 Likes

Haystax Technology Named Red Herring 2017 Top 100 Global Winner

Product Updates insider threat
November 8, 2017in Product Updates 0 Comments 1 Likes

Haystax Product Update: Enhanced Insider Risk Management

Technology & Data Science UBA Is Just Getting Warmed Up
October 30, 2017in Technology & Data Science 0 Comments 1 Likes

UBA Is Just Getting Warmed Up

Technology & Data Science artificial intelligence
October 20, 2017in Technology & Data Science 0 Comments 0 Likes

Beyond Machine Learning: Using Models in AI for Security

Company News cybersecurity
October 18, 2017in Company News 0 Comments 0 Likes

Haystax Technology Named 2017 SINET 16 Innovator

Company News CSO logo
October 2, 2017in Company News 0 Comments 2 Likes

CSO: Avoiding Hype Around User Behavior Analytics

Policy & Practice insider threat
September 25, 2017in Policy & Practice 0 Comments 1 Likes

Six Steps Companies Can Take to Improve Insider Threat Mitigation

Policy & Practice insider threat
September 1, 2017in Policy & Practice 0 Comments 0 Likes

Detecting an Insider Threat in Game of Thrones

Company News Cybersecurity
August 14, 2017in Company News 0 Comments 1 Likes

Haystax Technology Again Makes Cybersecurity 500 List

Technology & Data Science More Organizations Adopting UBA, Gartner Says
August 9, 2017in Technology & Data Science 0 Comments 1 Likes

More Organizations Adopting UBA, Gartner Says

Technology & Data Science New SANS, Haystax Technology Insider Threat Survey Reveals Malicious Actors as the Most Damaging Threat Vector for Companies
August 1, 2017in Technology & Data Science 0 Comments 0 Likes

New SANS, Haystax Technology Insider Threat Survey Reveals Malicious Actors as the Most Damaging Threat Vector for Companies

Company News NSA; insider threat
June 28, 2017in Company News 0 Comments 4 Likes

McClatchy Quotes Haystax CEO on Finding Rogue Insiders

Technology & Data Science Insider Threat, Security Analytics
June 23, 2017in Technology & Data Science 0 Comments 0 Likes

Why We Need More Shades of Gray in Security

Technology & Data Science Network Data is Not Enough
June 8, 2017in Technology & Data Science 0 Comments 1 Likes

Network Data is Not Enough

Technology & Data Science Cyber security
April 12, 2017in Technology & Data Science 0 Comments 1 Likes

Managing Insider Risk: Breathalyzers and Behavioral Analytics

Policy & Practice Security analytics
April 5, 2017in Policy & Practice 0 Comments 0 Likes

‘Continuous Trustworthiness’ Needs More Focus, Haystax Technology CEO Writes

Company News Dark Reading logo
March 31, 2017in Company News 0 Comments 2 Likes

Insider Threat Programs “Need Full Engagement,” Haystax Technology VP Tells Dark Reading

Technology & Data Science Insider threat
March 29, 2017in Technology & Data Science 0 Comments 0 Likes

New Haystax Technology Survey Shows Most Organizations Ill-Prepared for Insider Threats

Product Updates Haystax
March 23, 2017in Product Updates 0 Comments 0 Likes

Haystax Product Update: App, Dashboard and Map Enhancements

Technology & Data Science Security analytics
February 23, 2017in Technology & Data Science 0 Comments 0 Likes

Haystax Technology Publishes Security Analytics White Paper

Product Updates Assets
February 21, 2017in Product Updates 0 Comments 0 Likes

Haystax Product Update: Enhanced Behavioral Analytics

Company News Security analytics
February 13, 2017in Company News 0 Comments 0 Likes

Haystax Technology Wins Two Cybersecurity Awards Ahead of RSA Conference

Company News Haystax Technology Wins 2017 Cybersecurity Excellence Award for Security Analytics
February 8, 2017in Company News 0 Comments 0 Likes

Haystax Technology Wins 2017 Cybersecurity Excellence Award for Security Analytics

Product Updates Haystax Product Update: Multiple Model Support
February 8, 2017in Product Updates 0 Comments 0 Likes

Haystax Product Update: Multiple Model Support

Company News security analytics
February 3, 2017in Company News 0 Comments 2 Likes

Haystax Named Finalist for 2017 Cybersecurity Excellence Awards

Policy & Practice Insider threat
January 26, 2017in Policy & Practice 0 Comments 0 Likes

Haystax Technology CEO Describes Private Sector’s Insider Threat Challenges

Policy & Practice Insider Threat, Security Analytics
January 18, 2017in Policy & Practice 0 Comments 0 Likes

Insider Threat and Security Clearance Reform: A Chance to Accelerate Change

Technology & Data Science Overcoming Objections to Bayesian Networks – Part 2
January 4, 2017in Technology & Data Science 0 Comments 0 Likes

Overcoming Objections to Bayesian Networks – Part 2

Company News Cyber security
December 8, 2016in Company News 0 Comments 1 Likes

Washington Post Reports on Haystax Technology-Fishtech Partnership

Company News Haystax Technology Announces Strategic Investment and Partnership with Fishtech
December 8, 2016in Company News 0 Comments 2 Likes

Haystax Technology Announces Strategic Investment and Partnership with Fishtech

Technology & Data Science Security analytics
December 2, 2016in Technology & Data Science 0 Comments 0 Likes

Network World Cites Haystax Technology CEO in AI Piece

Product Updates Security Analytics
November 4, 2016in Product Updates 0 Comments 2 Likes

Haystax Product Update: New Dashboard App

Technology & Data Science Bayesian Network
October 27, 2016in Technology & Data Science 0 Comments 0 Likes

Overcoming Objections to Bayesian Networks – Part 1

Company News National Defense Quotes Ware on NISPOM2
October 20, 2016in Company News 0 Comments 0 Likes

National Defense Quotes Ware on NISPOM2

Company News NSA; insider threat
October 14, 2016in Company News 0 Comments 0 Likes

Politico Cites Haystax CEO on Insider Threat

Policy & Practice cybersecurity; insider threat; white house
October 12, 2016in Policy & Practice 0 Comments 0 Likes

A Wrong Turn on Insider Threat Programs

Technology & Data Science Insider Threat, Security Analytics
October 11, 2016in Technology & Data Science 0 Comments 1 Likes

Haystax CEO: Effective Security Analytics for Insider Threat Prevention

Technology & Data Science A Security Analytics Approach That Does Work
September 29, 2016in Technology & Data Science 0 Comments 1 Likes

A Security Analytics Approach That Does Work

Technology & Data Science Security analytics
September 9, 2016in Technology & Data Science 0 Comments 0 Likes

Network World: Haystax CEO Bryan Ware On Managing Insider Threats

Technology & Data Science Three Weaknesses of Rules-Based Systems
September 6, 2016in Technology & Data Science 0 Comments 1 Likes

Three Weaknesses of Rules-Based Systems

Technology & Data Science Machine Learning vs. Model-First Approaches to Analytics
August 31, 2016in Technology & Data Science 0 Comments 0 Likes

Machine Learning vs. Model-First Approaches to Analytics

Policy & Practice Insider Threat, Security Analytics
August 26, 2016in Policy & Practice 0 Comments 0 Likes

Is Yesterday’s Trusted Employee Today’s Insider Threat? And How Would You Know?

Technology & Data Science Making Bayesian Networks Accessible
August 22, 2016in Technology & Data Science 0 Comments 1 Likes

Making Bayesian Networks Accessible

Technology & Data Science Three Security Analytics Approaches That (Mostly) Don’t Work
August 15, 2016in Technology & Data Science 0 Comments 0 Likes

Three Security Analytics Approaches That (Mostly) Don’t Work

Technology & Data Science The Problem with Financial Fraud Detection (and How to Improve It)
August 1, 2016in Technology & Data Science 0 Comments 1 Likes

The Problem with Financial Fraud Detection (and How to Improve It)

Company News SourceSecurity: Haystax CEO Discusses Identifying Threat Actors Before They Act
July 21, 2016in Company News 0 Comments 0 Likes

SourceSecurity: Haystax CEO Discusses Identifying Threat Actors Before They Act

Policy & Practice Companies need to go beyond minimum insider threat standards, Haystax Technology CEO Tells InsideDefense
July 18, 2016in Policy & Practice 0 Comments 0 Likes

Companies need to go beyond minimum insider threat standards, Haystax Technology CEO Tells InsideDefense

Policy & Practice NISPOM 2 Adds Insider Threat Rule, But Does It Go Far Enough?
July 14, 2016in Policy & Practice 0 Comments 0 Likes

NISPOM 2 Adds Insider Threat Rule, But Does It Go Far Enough?

Technology & Data Science Haystax Scientists to Present “Model-First” Framework Enhancements at International Workshops
July 5, 2016in Technology & Data Science 0 Comments 0 Likes

Haystax Scientists to Present “Model-First” Framework Enhancements at International Workshops

Technology & Data Science Managing cyber alert overload: how to find high-priority threat signals amid the noise
May 23, 2016in Technology & Data Science 0 Comments 3 Likes

Managing cyber alert overload: how to find high-priority threat signals amid the noise

Technology & Data Science Haystax Technology CEO Bryan Ware Talks Risk Models at Insider Threat Summit 2016
April 7, 2016in Technology & Data Science 0 Comments 1 Likes

Haystax Technology CEO Bryan Ware Talks Risk Models at Insider Threat Summit 2016

Company News Insider Threat Summit Announces Haystax CTO Bryan Ware as a Featured Speaker
January 16, 2016in Company News 0 Comments 0 Likes

Insider Threat Summit Announces Haystax CTO Bryan Ware as a Featured Speaker

Policy & Practice Has OPM put us “Into Dangerous Hands?”
November 16, 2015in Policy & Practice 0 Comments 0 Likes

Has OPM put us “Into Dangerous Hands?”

Policy & Practice The Umpqua Tragedy: Lessons Learned in School Safety
October 7, 2015in Policy & Practice 0 Comments 0 Likes

The Umpqua Tragedy: Lessons Learned in School Safety

Company News Cybersecurity Ventures Ranks Haystax as Top Cybersecurity Company
October 4, 2015in Company News 0 Comments 1 Likes

Cybersecurity Ventures Ranks Haystax as Top Cybersecurity Company

Policy & Practice 3 Common Reasons To Implement Insider Threat Management
September 3, 2015in Policy & Practice 0 Comments 0 Likes

3 Common Reasons To Implement Insider Threat Management

Policy & Practice Five Principles of Successful Enterprise Threat Management
August 26, 2015in Policy & Practice 0 Comments 0 Likes

Five Principles of Successful Enterprise Threat Management

Company News Haystax Technology CTO quoted in ThirdCertainty piece on OPM breach
August 11, 2015in Company News 0 Comments 0 Likes

Haystax Technology CTO quoted in ThirdCertainty piece on OPM breach

Product Updates Haystax Analytics Tool Could Mitigate National Security Effects of OPM Breach
August 7, 2015in Product Updates 0 Comments 0 Likes

Haystax Analytics Tool Could Mitigate National Security Effects of OPM Breach

Policy & Practice The History of Insider Threat Detection
August 1, 2015in Policy & Practice 0 Comments 0 Likes

The History of Insider Threat Detection

Company News Homeland Security Today Examines How Haystax Carbon Helps Prevent Insider Threats
July 21, 2015in Company News 0 Comments 0 Likes

Homeland Security Today Examines How Haystax Carbon Helps Prevent Insider Threats

Product Updates Insider Threat Detection: What You Don’t Know About Your Staff Will Hurt You
July 21, 2015in Product Updates 0 Comments 1 Likes

Insider Threat Detection: What You Don’t Know About Your Staff Will Hurt You

Policy & Practice Protecting The Enterprise – All of It
July 17, 2015in Policy & Practice 0 Comments 0 Likes

Protecting The Enterprise – All of It

Company News Haystax Technology to serve on panel at Cybersecurity Outlook 2016
June 26, 2015in Company News 0 Comments 0 Likes

Haystax Technology to serve on panel at Cybersecurity Outlook 2016

Company News Haystax Technology Demonstrates Next-Generation Insider Threat Detection at GEOINT 2015
June 22, 2015in Company News 0 Comments 0 Likes

Haystax Technology Demonstrates Next-Generation Insider Threat Detection at GEOINT 2015

Company News Haystax Technology to Present at AFCEA Defensive Cyber Operations Symposium
June 16, 2015in Company News 0 Comments 0 Likes

Haystax Technology to Present at AFCEA Defensive Cyber Operations Symposium

Company News Haystax Technology to Exhibit at 2015 CIA Technology Exposition
June 1, 2015in Company News 0 Comments 0 Likes

Haystax Technology to Exhibit at 2015 CIA Technology Exposition

Policy & Practice Terrorism Risk and Schools: Time to Take Note (Part I)
May 14, 2015in Policy & Practice 0 Comments 0 Likes

Terrorism Risk and Schools: Time to Take Note (Part I)

Company News CTOVision Lauds Haystax Technology’s Approach to Analytics and Cybersecurity
May 12, 2015in Company News 0 Comments 0 Likes

CTOVision Lauds Haystax Technology’s Approach to Analytics and Cybersecurity

Policy & Practice Why We Focus on Insider Threats
April 15, 2015in Policy & Practice 0 Comments 0 Likes

Why We Focus on Insider Threats

Company News Haystax featured in Bloomberg Business for insider threat detection
March 30, 2015in Company News 0 Comments 1 Likes

Haystax featured in Bloomberg Business for insider threat detection

Company News The AAAI recognizes Haystax paper as Honorable Mention for big data expertise
January 7, 2015in Company News 0 Comments 0 Likes

The AAAI recognizes Haystax paper as Honorable Mention for big data expertise

Company News Haystax Selected to Present Advanced Threat Analytic Applications for Insider Threat Detection at STIDS – 2014 Conference
November 13, 2014in Company News 0 Comments 0 Likes

Haystax Selected to Present Advanced Threat Analytic Applications for Insider Threat Detection at STIDS – 2014 Conference

Policy & Practice Dynamic Trust – What is it and why should you care about it?
July 8, 2014in Policy & Practice 0 Comments 0 Likes

Dynamic Trust – What is it and why should you care about it?

Company News Haystax Technology Chief Technology Officer Bryan Ware to Speak at the 12th Annual OffshoreAlert Conference
May 1, 2014in Company News 0 Comments 0 Likes

Haystax Technology Chief Technology Officer Bryan Ware to Speak at the 12th Annual OffshoreAlert Conference

Company News Haystax Endorses INSA’s Guidance on Improving Continuous Threat Monitoring and Evaluation Processes
March 20, 2014in Company News 0 Comments 0 Likes

Haystax Endorses INSA’s Guidance on Improving Continuous Threat Monitoring and Evaluation Processes

The Latest at Haystax

Preventing School Violence: Challenges and Opportunities
Preventing School Violence: Challenges and Opportunities
2021 Insider Threat Lessons Learned
2021 Insider Threat Lessons Learned
Haystax Insider Threat Expert Contributes to INSA Paper
Haystax Insider Threat Expert Contributes to INSA Paper

DOWNLOAD FREE GUIDE

READ THE LATEST INSIDER THREAT REPORT

Tags

Advanced Threat Analytics Analytics cybersecurity Enterprise Threat Management first responders Haystax Analytics Haystax Analytics Platform Haystax Technology Insider Threat Media Coverage public safety risk management security analytics situational awareness threat monitoring

Follow Haystax on Social

Categories

  • Company News (147)
  • Policy & Practice (66)
  • Product Updates (48)
  • Success Stories (30)
  • Technology & Data Science (52)

Haystax’s security analytics platform applies artificial intelligence techniques to reason like a team of analysts and prioritize risks in real time at scale for more efficient protection of critical assets.

877-442-4553

Contact Haystax

© Haystax 2022 - A Fishtech LLC company. All rights reserved.