Skip to main content

📚Overview

Unify Insights is a product offering that allows you to collect data from multiple applications and toolsets within your environment and feed it into Unify to determine what elements of human cyber risk you are currently exposed to. Through API Integrations, Unify receives data events that can be cleaned up and associated with corporate identities (email addresses, user ids, or other personally identifiable information [PII]) so that a risk profile can be built off of those data events.  

📊Human Risk Management

A Human Risk Management Solution enables you to take a focused approach to risky behavior by: 
  1. Engaging the End User: By identifying specific areas of risk, you can assign content that targets increased education on the areas that make the biggest impact. Living Security Content engages employees with interactive content and immersive experiences as part of our Training platform, as well as our Teams: CyberEscape Online product. These sorts of experiences are proven to be 16x more effective in engaging participants than traditional click-through training content.
  2. Quantify Data: Unify, specifically the Human Risk Index, quantifies the human risk of organizations by attributing a risk score to users. Enterprises that are able to do this can understand over time how their efforts are impacting organizational risk.
  3. Manage Risk: Unify Insights give you visibility of the behaviors and environmental factors of your organization’s human risk to better target where the risk is and create action plans to mitigate it.
To learn more about a Human Risk Management solution, check out the 2022 Living Security Human Risk Management Whitepaper.

📈 Insights 

The primary functionality of Unify is to provide easy to read analytics of the behavior and event data it receives from your applications and tools. The data is surfaced as Insight Detections on the Unify dashboard. Power Insights combine related behavior and event insights to surface a summarized view of insights with high HRI impact. View the full list of available insights here. 

🌊 HRI

Unify calculates a Human Risk Index, also known as HRI, by taking raw event and behavior from your security tech stack, resolving that data across your identities, and feeding it into an algorithm known as a Probabilistic Graph Model. 
A Probabilistic Graph Model is a flexible technique for representing the dependencies between multiple variables and how those variables are related to some (probabilistic) outcome.
rebranded sales graphic april 2024
By focusing on key categories, Unify is able to maintain clear areas of risk for your security teams and/or program owners. Below, you can find a breakdown of each category and what type of events are usually normalized within Unify.
  • Authentication & Access: Identity Management tools, such as Azure Active Directory and Okta, can provide Authentication events, such as Login Success or Account Lockout events of users within an environment to determine how individuals perform under your authentication processes.
  • Data Security & Privacy: Events such as access denial and data exfiltration monitoring pushed to Unify can inform you of when passive policies (such as least privilege policies) might be at risk or if excessive  Data Security risks are being conducted.
  • Endpoint(Device) Security: Events such as malware risks or utilizing a password manager can speak to the device security practices of individuals, departments or office locations within your environment.
  • Phishing & Email: Events such as receiving Phishing attempts, and clicking malicious links provide you a view into who in your organization is reporting or clicking on these events.
  • Training: Events such as completion of training will give you the insight into how your users are becoming vigilant.
  • Web Security: Events such as when an identity has attempted to access a blocked website, or when they access a malicious website will affect their overall human risk score.
We can see what sorts of events we might compile to give human risk scores for your organization, but how does Unify tackle the issue of associating these events with identities of your organization. 

🆔 Entity Resolution

Identities within Unify are representative of an entity whose data is owned by a Corporation. An entity could be a user, an alternate profile for admin access, service accounts, etc.
Entity Resolution (ER) is the process by which Unify determines which identifiers represent the same entity and ties together all activity across those identifiers. Entity Resolution is only possible, and thus mandatory, for organizations to have setup an Authoritative Directory within their Identity Provider. 
Screen Shot 2022-07-22 at 9.39.12 AM
Within Unify, individual entities are resolved by correlating their informative relationships. This allows Unify to inform new types of analytics or insights. An example of Entity Resolution would be:
  1. The first identity is provided an Okta integration, which uses two aliases for the same entity: a) an email address, b) the internal Okta service identifier (GUID).
  2. The second identity is provided by a Proofpoint integration and has a single email address alias.
In this example, Unify is able to associate the email address to inform Unify that these two individual entities belong to the same identity within an organization.  Once an identity has been associated with the individual entities that exist within your organization, you can then be supplied with aggregate risk scores using the HRI algorithm and be displayed in Unify for your organization to digest it as needed. 

What Now?

Now that we understand what Unify is doing for your organization, let us give you a guided tour of the Unify Insights platform and what requirements organizations will need to meet to use Unify to its fullest potential.