Forcepoint Insider Threat provides risk scoring and analysis for user behavior to protect systems and data from malicious or accidental threats.
It includes extensive capabilities to enforce policy and support regulatory compliance, visualize risks, replay user activities through a DVR-like
interface, and supply forensic analysis with detailed information about user behavior. Through integration with Forcepoint DLP, data can be classified
and protected as part of an insider threat remediation program.
Of course, a critical component to insider threat analysis is identifying the physical people using the devices. To deliver this insight,
Forcepoint built the TickStream.CV capture engine directly into the desktop Forcepoint Insider Threat client, and it runs on any platform supported
by Forcepoint. The TickStream.CV analysis runs against the data collected by the Forcepoint client, and the results can be consumed through a
standard REST API.
The TickStream.CV analysis server components can be deployed on one or more existing servers using a standard Windows Installer
package, or can be delivered on a pre-configured virtual server image (in Hyper-V, VMWare, and Citrix formats).
Minimum requirements include:
- Microsoft Windows Server 2008 R2 or later
- Internet Information Services (IIS)
- Microsoft SQL Server 2008 R2 or later, or Apache Impala