Abstract: A data security threat control and monitoring system and method described herein may provide visibility into users' activities and their access to sensitive information (e.g., social security number, addresses, fingerprints, and the like) in order to evaluate and mitigate, for example, insider data security threats. The system may monitor various types of activities, such as end users' behavior on applications and/or end users' access, downloads, and copies of sensitive data. The system may monitor for suspected or detected violations and incidents for applications, such as suspicious, disruptive, or policy-violating (actual or attempted) activities. A distributed file system may be used to extract data from one or more databases and to transform the data. The data may be processed, such as to generate distribution fact and dimension files. Servers, such as web servers, may generate reports indicating insider threat activity using the processed files.

Abstract: A data security threat control and monitoring system and method described herein may provide visibility into users' activities and their access to sensitive information (e.g., social security number, addresses, fingerprints, and the like) in order to evaluate and mitigate, for example, insider data security threats. The system may monitor various types of activities, such as end users' behavior on applications and/or end users' access, downloads, and copies of sensitive data. The system may monitor for suspected or detected violations and incidents for applications, such as suspicious, disruptive, or policy-violating (actual or attempted) activities. A distributed file system may be used to extract data from one or more databases and to transform the data. The data may be processed, such as to generate distribution fact and dimension files. Servers, such as web servers, may generate reports indicating insider threat activity using the processed files.