Insider Threat Program Development - Management Training / Consulting


Insider Threat Mitigation Vendors


Does your company have a product or service that can mitigate insider threat risks?

Please contact the NITSIG about listing your product or service here. Pricing is very reasonable.




  • The Insider Threat Defense Group (ITDG) has become the Go To Company for Insider Threat Program (ITP) Development / Management Training and Insider Threat Mitigation (ITM) Services.

  • We provide a broad portfolio of training and services to potential clients, that will address Insider Threat Risks with a cost effective, comprehensive and holistic approach.

  • The ITDG has provided training and services to an impressive list of 650+ clients (In Over 14 U.S. States); U.S. Government Agencies (Department of Defense, Intelligence Community), Defense Contractors, Defense Security Service, Critical Infrastructure Providers, Fortune 500 Companies, Aviation / Airline Industry, Spacecraft Manufacturing- Launch Providers, Technology Companies, Banking - Financial Industry, Health Care Industry, and other large-small businesses and global corporations. Client Listing

  • Over 900+ individuals have attended our training and received ITP Program Manager Certificates.

  • The ITDG is considered a Trusted Source for ITM training and consulting services to the following:

U.S. Government Agencies:

  • White House National Security Council

  • National Center For Credibility Assessment - Federal Polygraph Examiners

  • FBI Headquarters

  • FBI Terrorist Explosive Device Analytical Center

  • U.S. Secret Service

  • U.S. Customs & Border Protection

  • United States Citizenship & Immigration Services

  • U.S. Department of State

  • DHS Infrastructure Information Collection Division

  • Transportation Security Administration

  • National Nuclear Security Administration

  • National Geospatial-Intelligence Agency

  • Defense Intelligence Agency

  • Department of Energy

  • National Security Agency

  • Department of Defense Inspector General

  • Defense Criminal Investigate Service

  • Defense Information Systems Agency

  • Defense Counterintelligence And Security Agency

  • U.S. Central Command

  • U.S. Cyber Command

  • U.S. Army Enterprise NetOps

  • U.S. Army Research, Development & Engineering Command

  • U.S. Army Signal Command

  • U.S. Air Force Global Strike Command

  • U.S. Air Force 35th Fighter Wing

  • U.S. Air Force Cyber Command

  • Marine Corps Intelligence Activity

  • Naval Air Warfare Center Weapons Division

  • Navy Space & Naval Warfare Systems Command

  • Naval Information Force Reserve

  • Naval Criminal Investigative Service

  • United States Postal Service

  • United States Postal Service Office of Inspector General

  • OPM – Federal Investigative Services

  • Government Accountability Office

  • Social Security Administration

  • Small Business Administration

  • Internal Revenue Service

  • Centers For Disease Control & Prevention



  • Microsoft Corporation

  • Dell Technologies

  • Discovery Channel

  • Walmart

  • Home Depot

  • Nike

  • Tesla Automotive Company

  • Symantec Corporation

  • United Parcel Service / FedEx Custom Critical

  • Southern California Edison Power Company / Constellation - Exelon Power Company / Georgia Power Company

  • Visa, Capital One Bank, BB&T Bank, HSBC Bank, American Express, Equifax

  • TransUnion / JetBlue Airways / Delta Airlines

  • And Many More



  • Johns Hopkins University Applied Physics Laboratory

  • University Maryland - Applied Research Lab For Intelligence & Security

  • University Of Texas @ Austin / ARL

  • University Of Massachusetts Lowell

  • University Of Alabama (Huntsville)

  • Oklahoma State University

  • University of Dayton

  • Kansas State University

  • Texas A&M University

  • Morgan State University

  • Auburn University

Law Enforcement

  • DC National Guard

  • New York Police Department

  • Royal Canadian Mounted Police

  • Police Executive Research Forum


  • Our client satisfactions levels are in the exceptional range . We provide our clients with the Gold Standard for successful Insider Threat Mitigation. We encourage you to read the feedback from our clients. Client Comments

    More Information:



Veriato is an innovator in Insider Threat Detection and a global leader in Employee Monitoring Software. Driven by AI, more than 42,000 companies and government entities worldwide utilize Veriato to gain unmatched insight into the User Activity occurring on their network. Veriato’s product line includes the Veriato Cerebral, Veriato Investigator and Veriato RansomSafe.

More Information



Whether federal, state or local agency, public safety or educational organization, TransUnion’s suite of mission-critical solutions provides the public sector with vital information and an unmatched combination of credit and non-credit data to help ensure citizen safety, manage compliance and boost services for constituents served. Our comprehensive and unique sets of credit, criminal and public data, coupled with flexible analytics, help agencies detect and prevent cyber fraud, and make connections between people, businesses, assets and locations.

Our experience has given us a deep understanding of the challenges facing your organization, your service requirements, and the factors that impact your daily operations.

More Information



Dtex provides organizations across the globe with the complete, user-focused visibility needed to strengthen enterprise security posture and effectively manage insider threats. Dtex’s Modern User Activity Monitoring combines high-fidelity user activity data with machine learning and advanced analytics to pinpoint anomalies in real time, elevate areas of risk, generate actionable insights, and provide answers quickly. Collecting only the lightweight data needed to identify risky behaviors, Dtex can be deployed and scaled quickly with no impact on network, endpoint or human performance and without impeding user privacy.

More Information




Mitigating insider threats takes a lot more than just correlating network data. It requires the ability to analyze 'whole-person' behavior — rapidly, continuously and at scale.

Our Haystax For Insider Threat solution was designed from the ground up to:

  • Continuously assesses the trustworthiness of individuals, not just user activity on networks and devices like conventional machine-learning or rules-based solutions.

  • Uses a probabilistic model that analyzes evidence from a wide array of data sources to prioritize risk rather than generate excessive false-positive alerts that overwhelm analysts.

  • Provides a user interface that mirrors current analyst terminologies and workflows.

  • Includes a connector framework that makes it easy to integrate data and existing detection systems quickly.

Top federal government agencies and large commercial enterprises, as well as state and local public-safety organizations, rely on Haystax for more effective protection of their critical systems, data, facilities and people. A U.S. defense agency has called Haystax for Insider Threat the "only known system for prioritizing personnel according to positive and negative nodes of trust."

More Information




MathCraft Security Technologies is the leading provider of innovative software for today’s security professionals. As a trusted partner within the industrial security community, we work with government and corporate organizations of all sizes to streamline operations, maximizing both productivity and efficiency.

MathCraft’s robust product lines are compliant with Defense Security Service (DSS) and NISPOM requirements for cleared contracts and enterprises. Our solutions are carefully engineered to improve security and compliance processes, giving Facility Security Officers (FSOs) and employees the comprehensive tools that they need to manage data, monitor visitors, and automate workflows. For ultimate convenience, they are also available on-premises or via a FedRAMP-approved cloud platform.

Access Commander® is our industrial security management software for FSOs who need to govern and organize their security efforts while staying compliant.

ViSi Commander™ is the application that allows FSOs to manage visitors across cleared facilities and streamline the check-in/out process.

Portal Commander™ is our automated, self-service security portal for employees, line managers, FSOs, and CSOs who require improvements, consistencies and accountabilities in security processes. The Business Process Management (BPM) edition includes a workflow engine that allows you to optimize your security processes like never before.


With MathCraft’s powerful lines of industrial security applications, organizations can manage their classified facilities, personnel clearances, foreign travel, classified visits, incidents, insider threats, classified contracts, classified documents, badges, training, and more in one place, within applications that make compliance inherent and systemic. Our products save time, reduce costs, and minimize risks for those who stand on the front lines, safeguarding our nation’s most sensitive information and infrastructure.

More Information



Securonix redefines the next generation of security monitoring. Securonix Next-Gen SIEM uses big data architecture to provide unlimited scalability and data retention on a non-proprietary open platform. It leverages machine learning and behavior analytics to detect the most advanced cyber threats.

The solution comes packaged with out-of-the-box content for insider threats, cyber threats, cloud threats, and fraud. It also comes with Securonix Spotter, which supports text-based search, ad-hoc reporting, link analysis, and threat hunting capabilities across massive data sets. Securonix provides incident orchestration and response capabilities with built-in incident response playbooks and case management.

The Securonix solution is available in the cloud as a fully-managed SaaS platform. Securonix is SOC2 certified and supports complete SIEM functionality in the cloud with minimal operational overhead.

More Information



SolarWinds® provides powerful and affordable IT management software to customers worldwide from enterprises of all sizes to virtually every civilian agency and branch of the US Military. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem.

More Information



Oracle is a leader in security and top provider of 5G, Cloud (DaaS, SaaS, PaaS, Iaas), Java, Data technologies, HCM/ERP/CRM, AI/ML, Emerging technologies, Hardware, and much more.

Oracle technologies specificslly help reduce the insider threat access to highly sensitive data with technologies such as Gen 2 Cloud, Transparent Database Encryption, Key Vault, Database Vault, Audit Vault, Database Firewall, and the Cloud Access Security Broker (CASB).

Oracle enterprise Hardware and Cloud have been selected by Insider Threat and Security Operations Centers at large agencies to run 3rd party COTS software. Oracle hardware is selected for its low cost, high performance, and resiliency in the InT/SOC use case.

More Information



Code42 is the leader in data loss protection. Native to the cloud, the Code42 Next-Gen Data Loss Protection solution rapidly detects insider threats, helps satisfy regulatory compliance requirements and speeds incident response — all without lengthy deployments, complex policy management or blocking user productivity. Because the solution collects and indexes every version of every file, it offers total visibility and recovery of data — wherever it lives and moves. Security, IT and compliance professionals can protect endpoint and cloud data from loss, leak and theft while maintaining an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42 Next-Gen Data Loss Protection preserves files for compliance and can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

More than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners.

More Information
Read Code42’s Blog / Follow Us on Twitter



Cyberhaven rapidly detects and eliminates data incidents caused by insider threats. Cyberhaven reduces the cost of data breaches by rapidly detecting and investigating insider threats. It provides instant visibility into data flows across endpoints, servers, email and SaaS, significantly reducing the amount of time to contain a breach.

More Information




Splunk drives fast, confident decisions to solve DoD’s toughest challenges and ensure mission success. Its massively scalable analytics platform leverages data from any source or format – satellites, mobile devices, servers, weapons systems and more. It delivers real-time situational awareness and insights that optimize assets and operational capabilities, accelerating mission execution.


More Information


Yakabod’s CISOBox and Yakabox software provide secure software for insider threat case management, file sharing and other business processes. The company’s products provide insider threat teams with efficient, productive, repeatable business processes for managing, tracking and documenting insider threat investigations, as well as for communicating with investigation teams and stakeholders. Built on technology created for, certified (Under NIST RMF) by and used in U.S. Federal Intelligence Agencies, Yakabod’s solutions provide comprehensive security to protect sensitive, high stakes insider threat case data from both external and internal threats and to minimize the risk associated with improper access to or disclosure of sensitive insider threat information.

More Information



Ekran System is an insider threat management platform that effectively deters, detects, and disrupts insider threats.

To deter insider threats, Ekran System comes with a rich set of access management features within a single endpoint agent.

To detect insider threats in a timely manner, Ekran System monitors, records, and audits all critical data, all critical configurations, and all user activity on critical endpoints. Its alerting subsystem includes both customizable rules based on generic behavioral indicators of potential insider threats and an AI-powered user behavior analytics module for detecting anomalies in the routines of internal users.

To disrupt insider threats, Ekran System delivers real-time notifications to your security team together with the full context of each incident. It also provides a rich selection of incident response features for comprehensive protection against insider threats.


More Information




Copyright © 2021 - National Insider Threat Special Interest Group ™ - All Rights Reserved - Legal Notice