Blockbird Data is a modern User Behavior Analytic (UBA) used to detect insider threats within an application.
Our platform flags sensitive data on different databases and then monitors individual user accesses to that data through the applications. Our SDK is used within your application's code to send information about these accesses to our API so your customers can view and analyze their users behaviour.
What type of data is each application collecting?
Which individual users are accessing this data and how often?
Has any user accessed data in an abnormal way? Can I flag any pattern-breaking data access behavior?
How much data is downloaded or deleted daily? Can I notice a sudden peak in download or delete activity?
How is a certain user behaving compared to his peer-group?
Is a user accessing types of data not adequate to his role? For example, is a doctor accessing financial data? Or is an administrative employee accessing medical data?