Not a week goes by without the report of a security breach committed by an employee or contractor of an organization. According to studies by the United States Secret Service and CERT, approximately 80% of insiders who launched attacks on their companies had exhibited negative behaviors before the incident and 92% had experienced a negative work-related event, such as a demotion, transfer, warning or termination. At the time of the incident, 59% were former employees or contractors, while 41% were still employees.
This SANS paper examines how the most common attacks can be detected through the deliberate examination of data found in system log files. Although the bulk of the event data found in logs is difficult to capture, retain and examine, a class of software solutions focuses on producing information that can help an organization detect suspicious and unauthorized activity.

