Customer story

Powered insider threat detection in real time for a Fortune 100 US bank

About the customer

One of the top 3 banks in the US

A leading multinational financial institution that serves millions of customers, including individual consumers, businesses, institutions, and large corporations, across the United States and more than 35 countries.

Business goals

Combat insider risks with a scalable, real-time threat intelligence solution

With insider threats becoming increasingly frequent and hard to detect, the bank wanted a robust solution to promptly detect anomalous behavior across sensitive applications. They were looking to:

Build an advanced threat detection system that could monitor suspicious user behavior across 4,000+ applications and dynamically scale based on data load.
Process thousands of records per second and identify 100+ high-risk security actions and logs across their internal network.
Get real-time alerts that would help promptly prevent unauthorized access and data breaches.
Identify evolving behavior patterns across a context window of 7 to 30 days, with real-time correlation.

Challenges

The existing threat detection system was unable to accurately identify insider threats at the speed and scale needed

Lack of automation and real-time capabilities

Relied on static, rule-based alerts to identify indicators of malicious behavior, leading to false positives and delayed response.

Limited data processing capabilities

Could not process high volumes of data from a large number of sensitive, customer-facing and operational applications, leaving the bank vulnerable to threats.

Expensive and inflexible technology stack

The bank’s existing technology stack was driving up operational and infrastructure costs. Moreover, its rigid architecture was creating deployment and scalability bottlenecks.

How Gathr.ai helped

Delivered a high-performance threat detection solution, empowering the bank with real-time intelligence at scale

Real-time data ingestion and processing at scale

Seamlessly ingested massive volumes of incoming data from critical applications and processed over 20,000 events per second.

Unified, scalable solution

Extracted diverse data into a centralized data lake with scalable architecture and delivered alerts to target applications.

Dynamic threat detection

Leveraged heuristics, ML algorithms, and advanced data models to detect insider threats dynamically.

Contextual tracking of behavior patterns

Detected threats with deeper context and accuracy by leveraging stateful event correlation over a window of 7 to 30 days.

Automated alerts in real time

Delivered automated, real-time alerts for suspicious activities, reducing the time taken to mitigate potential breaches.

Business Impact

By enabling real-time detection of insider threats, Gathr.ai helped the bank safeguard sensitive data, ensure compliance, foster customer trust, and avoid potential reputational damage. The solution also helped reduce operational costs while driving speed, agility, and efficiency. 

10Bn+

Events analyzed in a year

8X

Faster time to market for onboarding new applications

5X

More applications onboarded, expanding threat coverage

10X 

Lower infrastructure costs

4X

Faster data ingestion and processing

Gathr.ai helped us identify anomalies in our incoming data in real-time. It helped us scan ~10k applications for any abnormal user behavior.

Director

Cybersecurity