Ppm 2000 Whitepaper 11245325

Strengthening Intelligence and Investigations with Incident Management Software

Nov. 22, 2013
Looking at high-level business trends that encourage the use of software for intelligence and investigative purposes, this paper describes how security professionals are building diverse, inclusive data sets and using security-focused incident management and analytical software to identify connections that help in discovering, and preventing, security incidents.

Incident management software, and the data collection and analysis that the software supports, serves three primary purposes: (1) risk management; (2) performance management; and (3) intelligence and investigations. This paper emphasizes the third purpose, intelligence and investigations, and takes a look at high-level business trends that encourage the use of software for intelligence and investigative purposes. It describes how security professionals are building diverse, inclusive data sets and using security-focused incident management and analytical software to identify connections that help in discovering, preventing and solving security incidents and crimes. It also examines techniques currently in use among security professionals, such as investigative data mining, link analysis, timeline charting, pattern analysis and trend spotting.