@hrbrmstr at its core corporate threat detection systems are just broadly scoped automated surveillance systems operating at scale. I built them professionally for a number of years so I guess Iβm pretty desensitized to it, but even I remember getting squeamish about some of the things I implemented I built and deployed an automated insider risk detection solution on top of user behavior analytics derived from endpoint, network, DNS, and proxy logs for a Fortune 100 a couple years back. Itβs able to effectively answer questions like:- βIs this user thinking about leaving the company?β- βIs this user facing personal, professional, or financial stressors?β- βIs this user considering taking actions that might adversely impact the company or expose trade secrets?βIf any of those conditions (or other indicators) exist, it flags the user for closer scrutiny by a human analyst. They donβt actually need to *do* anything crimey to get flagged, they just need to demonstrate that theyβre considering doing something crimey. Things like that are standard fare in the threat detection world. Thatβs why itβs recommended to keep personal affairs far away from your corporate environment.A user has no reasonable expectation of privacy when utilizing any security tool that performs automated threat detection
H
