INSIDER THREAT DEFENSE GROUP, INC.
The ITDG has provided training and services to an impressive list of
625+ clients (In Over 14 U.S. States); U.S. Government Agencies
(Department of Defense, Intelligence Community), Defense Contractors,
Defense Security Service, Critical Infrastructure Providers, Fortune 500
Companies, Aviation / Airline Industry, Spacecraft Manufacturing- Launch
Providers, Technology Companies, Banking - Financial Industry, Health
Care Industry, and other large-small businesses and global corporations.
Over 800+ individuals have attended our training and received ITP
Program Manager Certificates.
White House National Security Council
National Center For Credibility Assessment
- Federal Polygraph Examiners
FBI Terrorist Explosive Device Analytical
U.S. Secret Service
U.S. Customs & Border Protection
United States Citizenship & Immigration
U.S. Department of State
DHS Infrastructure Information Collection
Transportation Security Administration
National Nuclear Security Administration
National Geospatial-Intelligence Agency
Defense Intelligence Agency
Department of Energy
National Security Agency
Department of Defense Inspector General
Defense Criminal Investigate Service
Defense Information Systems Agency
Defense Counterintelligence And Security
U.S. Central Command
U.S. Cyber Command
U.S. Army Enterprise NetOps
U.S. Army Research, Development &
U.S. Army Signal Command
U.S. Air Force Global Strike Command
U.S. Air Force 35th Fighter Wing
U.S. Air Force Cyber Command
Marine Corps Intelligence Activity
Naval Air Warfare Center Weapons Division
Navy Space & Naval Warfare Systems Command
Naval Information Force Reserve
Naval Criminal Investigative Service
United States Postal Service
United States Postal Service Office of
OPM – Federal Investigative Services
Government Accountability Office
Social Security Administration
Small Business Administration
Internal Revenue Service
Centers For Disease Control & Prevention
Tesla Automotive Company
United Parcel Service / FedEx Custom
Southern California Edison Power Company /
Constellation - Exelon Power Company / Georgia Power Company
Visa, Capital One Bank, BB&T Bank, HSBC
Bank, American Express, Equifax
TransUnion / JetBlue Airways / Delta
And Many More
Johns Hopkins University Applied Physics
University Maryland - Applied Research Lab
For Intelligence & Security
University Of Texas @ Austin / ARL
University Of Massachusetts Lowell
University Of Alabama (Huntsville)
Oklahoma State University
University of Dayton
Kansas State University
Texas A&M University
Morgan State University
DC National Guard
New York Police Department
Royal Canadian Mounted Police
Police Executive Research Forum
INSIDER THREAT MANAGEMENT GROUP,
Shawn Thompson is licensed attorney, and CEO of the
Insider Threat Management Group
and Insider Threat
Training Academy. (Bio)
Mr. Thompson is the
Legal Advisor to the National Insider Threat Special Interest Group.
provides legal guidance on Insider Threat Program development and
management, during the highly sought after
Insider Threat Program Management With Legal Guidance Training
provides Insider Threat Program development and management
consulting services to an impressive list of clients, to include
Fortune 100 clients.
Mr. Thompson is
a licensed attorney with over 15 years of experience investigating
and prosecuting malicious employees, and managing Insider Threat
Programs (ITP's). He is widely recognized for his insider threat
expertise and unparalleled scope and breadth of experience. Mr.
Thompson has been involved with creating and managing ITP's for
numerous federal agencies. His work with the National Insider Threat
Task Force led to the creation of the National Insider Threat Policy
and ITP Minimum Standards for Executive U. S. Government Agencies.
Veriato is an innovator in Insider
Threat Detection and a global leader in Employee Monitoring Software.
Driven by AI, more than 42,000 companies and government entities
worldwide utilize Veriato to gain unmatched insight into the User
Activity occurring on their network. Veriato’s product line includes the
Veriato Cerebral, Veriato Investigator and Veriato RansomSafe.
federal, state or local agency, public safety or educational
organization, TransUnion’s suite of mission-critical solutions provides
the public sector with vital information and an unmatched combination of
credit and non-credit data to help ensure citizen safety, manage
compliance and boost services for constituents served. Our comprehensive
and unique sets of credit, criminal and public data, coupled with
flexible analytics, help agencies detect and prevent cyber fraud, and
make connections between people, businesses, assets and locations.
Our experience has given us a deep understanding of the challenges
facing your organization, your service requirements, and the factors
that impact your daily operations.
Dtex provides organizations across the
globe with the complete, user-focused visibility needed to strengthen
enterprise security posture and effectively manage insider threats.
Dtex’s Modern User Activity Monitoring combines high-fidelity user
activity data with machine learning and advanced analytics to pinpoint
anomalies in real time, elevate areas of risk, generate actionable
insights, and provide answers quickly. Collecting only the lightweight
data needed to identify risky behaviors, Dtex can be deployed and scaled
quickly with no impact on network, endpoint or human performance and
without impeding user privacy.
threats takes a lot more than just correlating network data. It requires
the ability to analyze 'whole-person' behavior — rapidly, continuously
and at scale.
Our Haystax For
Insider Threat solution was designed from the ground up to:
assesses the trustworthiness of individuals, not just user activity on
networks and devices like conventional machine-learning or rules-based
Uses a probabilistic
model that analyzes evidence from a wide array of data sources to
prioritize risk rather than generate excessive false-positive alerts
that overwhelm analysts.
Provides a user
interface that mirrors current analyst terminologies and workflows.
government agencies and large commercial enterprises, as well as state
and local public-safety organizations, rely on Haystax for more
effective protection of their critical systems, data, facilities and
people. A U.S. defense agency has called Haystax for Insider Threat the
"only known system for prioritizing personnel according to positive and
negative nodes of trust."
AC GLOBAL RISK
AC Global Risk (ACGR) is a
Silicon Valley-based technology company that developed Remote Risk
Assessment (RRA®) to uncover human risk across the commercial and
government markets. RRA’s capabilities are the output of 10 years of
development, 2-year market evaluation, countless customer trials, and
Remote Risk Assessment (RRA®) is a sophisticated system that uses unique
voice analytics processes to evaluate and quantify distinct
characteristics of the human voice related to risk. RRA is a highly
accurate, automated, high-throughput risk assessment technology that has
been vetted by military and commercial customers.
RRA takes under 10 minutes
- over the phone, remote team, or on-prem
Light touch with simple
YES / NO responses to 3-6 automated questions - no PII is required
Works in any language -
already used in English, Spanish, Pashto, Farsi, Tagalog, and Somali
97.62% accurate on latest
Used for HR screening,
counter green-on-blue, counterintelligence, insider threat mitigation,
fraud / incident / loss investigations, 3rd party audits, and IP
Capgemini’s Arena ITI™
provides organizations of any size with proactive identification of
potential insider threat activity, built on industry-leading experience
Arena ITI™ is an award-winning solution that takes a holistic approach
to detecting insider threats. Arena ITI™ assesses both the employees’
cyber footprint and their non-IT behaviors in a single platform to
produce earlier and more accurate insider threat detection by:
from company and third-party data sources
Aggregating data through
predefined risk models and scoring
Drilling down for advanced
analysis, further investigation and reporting
Arena ITI™ is an important
part of an Insider Threat program, it provides context and insight for
security teams to focus their limited resources on assessing the
behaviors of high-risk individuals and intervening prior to the
occurrence of a hostile event.
A comprehensive insider risk program requires people, processes, and
tools, acting collectively to achieve the greatest benefit and return on
investment. Capgemini also provides Insider Risk Assessments and Insider
Risk Program Development.
simplifies insider threat detection and breach prevention with machine
learning and a fully-customizable policy engine. The platform automates
employee training the instant they make a mistake, applies policies
while data is in motion to prevent data loss, and provides the fastest
threat hunting and forensic capabilities for investigations.
MATHCRAFT SECURITY TECHNOLOGIES
Technologies is the leading provider of innovative software for today’s
security professionals. As a trusted partner within the industrial
security community, we work with government and corporate organizations
of all sizes to streamline operations, maximizing both productivity and
MathCraft’s robust product lines are compliant with Defense Security
Service (DSS) and NISPOM requirements for cleared contracts and
enterprises. Our solutions are carefully engineered to improve security
and compliance processes, giving Facility Security Officers (FSOs) and
employees the comprehensive tools that they need to manage data, monitor
visitors, and automate workflows. For ultimate convenience, they are
also available on-premises or via a FedRAMP-approved cloud platform.
is our industrial security management software for FSOs who need to
govern and organize their security efforts while staying compliant.
ViSi Commander™ is the application that allows FSOs to manage
visitors across cleared facilities and streamline the check-in/out
Portal Commander™ is our automated, self-service security portal
for employees, line managers, FSOs, and CSOs who require improvements,
consistencies and accountabilities in security processes. The Business
Process Management (BPM) edition includes a workflow engine that allows
you to optimize your security processes like never before.
powerful lines of industrial security applications, organizations can
manage their classified facilities, personnel clearances, foreign
travel, classified visits, incidents, insider threats, classified
contracts, classified documents, badges, training, and more in one
place, within applications that make compliance inherent and systemic.
Our products save time, reduce costs, and minimize risks for those who
stand on the front lines, safeguarding our nation’s most sensitive
information and infrastructure.
703-729-9022 / Ext. 803
Securonix redefines the next
generation of security monitoring. Securonix Next-Gen SIEM uses big data
architecture to provide unlimited scalability and data retention on a
non-proprietary open platform. It leverages machine learning and
behavior analytics to detect the most advanced cyber threats.
The solution comes packaged with out-of-the-box content for insider
threats, cyber threats, cloud threats, and fraud. It also comes with
Securonix Spotter, which supports text-based search, ad-hoc reporting,
link analysis, and threat hunting capabilities across massive data sets.
Securonix provides incident orchestration and response capabilities with
built-in incident response playbooks and case management.
The Securonix solution is available in the cloud as a fully-managed SaaS
platform. Securonix is SOC2 certified and supports complete SIEM
functionality in the cloud with minimal operational overhead.
SolarWinds® provides powerful and affordable IT management software
to customers worldwide from enterprises of all sizes to virtually every
civilian agency and branch of the US Military. We focus exclusively on
IT Pros and strive to eliminate the complexity that they have been
forced to accept. SolarWinds delivers on this commitment with unexpected
simplicity through products that are easy to find, buy, use and maintain
while providing the power to address any IT management problem.
Oracle is a leader in security and
top provider of 5G, Cloud (DaaS, SaaS, PaaS, Iaas), Java, Data
technologies, HCM/ERP/CRM, AI/ML, Emerging technologies,
Hardware, and much more.
Oracle technologies specificslly help reduce the insider threat
access to highly sensitive data with technologies such as Gen 2
Cloud, Transparent Database Encryption, Key Vault, Database
Vault, Audit Vault, Database Firewall, and the Cloud Access
Security Broker (CASB).
Oracle enterprise Hardware and Cloud have been selected by
Insider Threat and Security Operations Centers at large agencies
to run 3rd party COTS software. Oracle hardware is selected for
its low cost, high performance, and resiliency in the InT/SOC
Code42 is the leader in data loss protection. Native to the cloud,
the Code42 Next-Gen Data Loss Protection solution rapidly detects
insider threats, helps satisfy regulatory compliance requirements and
speeds incident response — all without lengthy deployments, complex
policy management or blocking user productivity. Because the solution
collects and indexes every version of every file, it offers total
visibility and recovery of data — wherever it lives and moves. Security,
IT and compliance professionals can protect endpoint and cloud data from
loss, leak and theft while maintaining an open and collaborative culture
for employees. Backed by security best practices and control
requirements, Code42 Next-Gen Data Loss Protection preserves files for
compliance and can be configured for GDPR, HIPAA, PCI and other
More than 50,000 organizations worldwide, including the most recognized
brands in business and education, rely on Code42 to safeguard their
ideas. Founded in 2001, the company is headquartered in Minneapolis,
Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock
Read Code42’s Blog / Follow Us on Twitter
Cyberhaven rapidly detects and
eliminates data incidents caused by insider threats. Cyberhaven reduces
the cost of data breaches by rapidly detecting and investigating insider
threats. It provides instant visibility into data flows across
endpoints, servers, email and SaaS, significantly reducing the amount of
time to contain a breach.
Splunk drives fast,
confident decisions to solve DoD’s toughest challenges and ensure
mission success. Its massively scalable analytics platform leverages
data from any source or format – satellites, mobile devices, servers,
weapons systems and more. It delivers real-time situational awareness
and insights that optimize assets and operational capabilities,
accelerating mission execution.
ObserveIT, the leader in
Insider Threat Management, delivers comprehensive visibility into user
and data activity providing security organizations with a powerful tool
for protecting employees and valuable assets while saving time and
resources. With more than 1,900 global customers across all major
verticals, ObserveIT empowers security teams to proactively detect
Insider Threats, streamline the investigation process and enable rapid
Yakabod’s CISOBox and Yakabox
software provide secure software for insider threat case
management, file sharing and other business processes. The
company’s products provide insider threat teams with efficient,
productive, repeatable business processes for managing, tracking
and documenting insider threat investigations, as well as for
communicating with investigation teams and stakeholders. Built
on technology created for, certified (Under NIST RMF) by and
used in U.S. Federal Intelligence Agencies, Yakabod’s solutions
provide comprehensive security to protect sensitive, high stakes
insider threat case data from both external and internal threats
and to minimize the risk associated with improper access to or
disclosure of sensitive insider threat information.
Ekran System is an
insider threat management platform that effectively deters, detects, and
disrupts insider threats.
To deter insider threats, Ekran System comes with a rich set of access
management features within a single endpoint agent.
To detect insider threats in a timely manner, Ekran System monitors,
records, and audits all critical data, all critical configurations, and
all user activity on critical endpoints. Its alerting subsystem includes
both customizable rules based on generic behavioral indicators of
potential insider threats and an AI-powered user behavior analytics
module for detecting anomalies in the routines of internal users.
To disrupt insider threats, Ekran System delivers real-time
notifications to your security team together with the full context of
each incident. It also provides a rich selection of incident response
features for comprehensive protection against insider threats.