Personam is VIGILANT
All threats are behavioral anomalies
Not all behavioral anomalies are threats.
Network activity is ripe with anomalies. Alerting on 1st degree anomalies only raises false alarms.
Out-of-character anomalies are 2nd degree anomalous. There are fewer of these, and they strongly correlate with threats.
Personam detects movement against the norms of the network
- Behavioral anomalies are scrutinized by type.
- In-character & in-family behavior establishes norms (including anomalous).
- Second-degree behaviors against the norms are singled out.
2nd degree out-of-family anomalies are even stronger
All 2nd degree behavioral anomalies are important. Most are malicious.
