This is the second part of a two-part series about considering low-cost tools for starting your insider threat program. In the first part of this series, I discussed the five categories of tools available to insider threat programs to use, as needed, as part of their operations. In this part, I provide examples of low-cost tools that are available in this space.
This is the first part of a two-part series that explores open source, free, or low-cost solutions to help you get the technical portion of your insider threat program started. As defined by opensource.com, open source software is "software with source code that anyone can inspect, modify, and enhance." Free tools are available at no cost, but the source code is "closed," meaning that it cannot be examined or modified.
Much attention has been paid to understanding the impacts of an insider threat incident. In examining recorded cases, trends begin to emerge over time just as with any other data set. However, despite these malicious insiders using technical means to cause harm, there is still a human component that should be considered. Who, collectively, are these malicious insiders that caused harm? What do we know about them? This blog post is the first of a four-part series about understanding insider threats.