December 6, 2023 Next DLP Announces New Activity Feed Capability

Activity Feed gives security analysts a unified view into data movement and risky behavior.

Activity Feed is designed to reduce the time and cost of investigating data loss and insider threats. This is achieved by providing analysts with a comprehensive, streamlined and time sequenced view of the user, data and device activity before, after and during an incident. It enables an analyst to rapidly review and contextualize the observed activity to a granular level, and respond to the threat appropriately.

“By now most organizations recognize that insider risk poses the most significant threat to their sensitive data,” said John Stringer, Head of Product at Next DLP. “But truly internalizing that fact means working proactively to detect those threats as quickly as possible—before they spiral out of control. With Activity Feed, organizations can stop wasting time trying to correlate information across multiple DLP, IRM and SIEM tools and instead face potential threats head-on, in a single unified activity stream with essential employee privacy and audit controls built in.”

Unlike legacy DLP and insider risk management solutions, the Reveal Platform and its new Activity Feed automatically generates fine-grained, contextualized information, mapped to the MITRE Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base, on each and every detection. This gives analysts the full picture, from reconnaissance and collection, to defense evasion and data exfiltration, of any given incident. For the chronically overstretched Security team—a persistent problem given the ongoing security talent shortage—this rich information view reduces investigation time and optimizes the allocation of analyst resources.

Subscribe to Industry Today