Identify fraud is a growing concern given the recent proclivity of compromised personal information from Internet-based hacking. Further, digital transactions make it possible for thieves to quickly maximize purchases before an identity theft can be detected.
Separately, the field of security information and event management (SIEM) is generally concerned with collecting data from networks and networked devices that reflects network activity and/or operation of the network devices, and analyzing the data. For example, a reported event can be triggered when a user logs on to a device, uploads files, or moves between access points, makes a VPN (virtual private networking) connection, or connects to a cloud application.
Problematically, there is currently no correlation between the information available through disparate log systems, in part because of the voluminous amount of information collected by SIEM systems for unrelated purposes.
Therefore, what is needed is a robust SIEM system to merge various metadata for different events to prevent identity theft using a log management system. Changes in locations for the underlying identities can be tracked among log events at different times to detect anomalies indicative of identify theft.