Systems and methods for automated anomalous behavior detection and risk-scoring individuals

Systems and methods for automated anomalous behavior detection and risk-scoring individuals

Systems, methods, and apparatuses for anomalous user behavior detection and risk-scoring individuals are described. User activity data associated with a first computing device of a first user is received from an agentless monitoring data source different from the first computing device. The user act...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Fricano, Daniel, Makohon, Peter A
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FORADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORYOR FORECASTING PURPOSES
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
PHYSICS
SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE,COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTINGPURPOSES, NOT OTHERWISE PROVIDED FOR
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Systems, methods, and apparatuses for anomalous user behavior detection and risk-scoring individuals are described. User activity data associated with a first computing device of a first user is received from an agentless monitoring data source different from the first computing device. The user activity data includes a user identifier. An active directory (AD) identifier and employee-related information from a human resources database are determined based on the user identifier. Based on the employee-related information and/or AD identifier, a probability of an adverse event is determined. When the probability of the adverse event exceeds a predetermined threshold, a logging agent is activated on the first computing device and additional user activity data is received from the logging agent. A user-interactive electronic notification comprising an indication of the probability of the adverse event, a subset of the user activity data, and the additional user activity data is generated and transmitted to a second computing device of a second user.