Ambience Anti-fraud

Ambience Anti-fraud detects and documents irregularities and activities that bear the symptoms of abuse or fraud, including:

  • Non-standard behavior during network or application login:
    • Attempts at guessing passwords and/or logins
    • Atypical authorization process, e.g. due to the user’s location
  • The use of administrative rights to access confidential data, e.g. employees’ mail or medical data based on DICOM or HL7 standard;
  • Suspicious file operations, e.g. copying material from folders containing confidential documents to personal computers or virtual disks;
  • A sudden spike in database queries, e.g. at unusual times of the day, by a specific person, or by means of a specific form;
  • Unauthorized traffic tunneling, sending data by means of modified URL addresses, diagnostic packets, DNS or http services;
  • The use of external forms and web applications for unauthorized data transfer.