// THREAT DETECTION AND DATA PRIVACY TERM
Profiling
Profiling involves using automated systems to analyze a person's personal data to predict or assess aspects like their behavior, preferences, or economic situation. This is often done to categorize individuals or tailor services, but raises privacy concerns.
TECHNICAL DEFINITION
In cybersecurity and defense, "profiling" refers to the automated processing of personal data to evaluate, predict, or analyze characteristics of a natural person, such as their performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. This practice is often regulated by data protection laws like GDPR, which impose strict conditions due to its potential impact on individual rights and freedoms, including risks of discrimination or unfair treatment.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- Data analysis
- Behavioral targeting
- Risk assessment
- User segmentation
- Predictive analytics
- Automated evaluation
USAGE NOTE
Regulatory frameworks, particularly GDPR, place strict requirements on profiling, especially when it leads to automated decisions with legal or similarly significant effects on individuals.
DEVELOPERS
Organizations developing technology related to Profiling.
Exabeam specializes in user and entity behavior analytics (UEBA), which involves profiling the normal behavior of users, devices, and applications within an organization's network to detect anomalies and identify insider threats or compromised accounts.
Darktrace uses its 'Self-Learning AI' to build an evolving understanding of 'normal' for every user and device across an organization's digital estate, effectively profiling their behavior to autonomously detect and respond to cyber-threats that deviate from these established patterns.
Splunk provides a security information and event management (SIEM) platform that includes user and entity behavior analytics (UEBA). This technology profiles user and system behavior over time to identify suspicious activities and potential threats, aiding in threat detection and incident response.
Vectra AI offers AI-driven network detection and response (NDR) solutions that profile network behaviors, devices, and users to detect hidden and in-progress cyberattacks in real time, focusing on threat behaviors that bypass traditional security.
Palo Alto Networks integrates profiling capabilities across its various security offerings, including advanced threat protection, cloud security, and extended detection and response (XDR), to build baselines of user, network, and application behavior for anomaly detection and threat intelligence.
CrowdStrike's Falcon platform leverages behavioral analytics and machine learning to profile endpoint and identity activity. This profiling helps detect malicious behavior, prevent breaches, and identify sophisticated threats that might evade signature-based detection.
Microsoft's security offerings, such as Microsoft Defender for Endpoint and Azure AD Identity Protection, extensively use profiling of user identities, devices, and application behaviors to detect anomalous activities, identify compromised accounts, and protect against a wide range of cyber threats.