New Client Exposed New Product: TOTAL by TruU: Real‑Time, Identity‑Context Security That Protects, Predicts, and Enforces

bva took on a new client recently, which exposed us to a new security platform that we had never seen before. It's always fun to find a new product that hits the mark. Organizations have invested heavily in SIEM, EDR, NDR, IAM and MSSP services, yet breaches persist and SOC teams drown in noisy alerts. TruU’s TOTAL platform changes the angle of attack: it learns people, not just events, and uses AI to add identity personas to every signal. The result is real‑time detection with automatic enforcement, fewer false positives, and dramatically reduced analyst fatigue. TOTAL unifies behavioral identity, passwordless workforce access, and adaptive enforcement to close gaps across digital and physical resources. Pretty cool stuff…
Zero Trust reframed enterprise security for cloud, mobility, and de‑perimeterization. But achieving near‑instant detection and response (MTTD=0, MTTR=0) requires identity context first — a telescopic view of the actor before a microscopic view of an event. TruU’s TOTAL Trust extends the Zero Trust model to prioritize continuous identity, reduce alert volume, and prevent breaches at the speed of action.
Key implications:
- Identity‑first telemetry. TOTAL builds a behavioral persona for every actor and injects that context into event processing, converting raw logs into clear narratives SOCs can act on.
- Automation as a default. By learning from analyst decisions, TOTAL resolves benign alerts and enforces on likely threats automatically, escalating only ambiguous cases.
Core Services
- TOTAL Protect – continuous identity and presence signals (behavioral biometrics, proximity, entitlement graphs) inform risk in real time.
- TOTAL Predict – an AI engine that turns raw enterprise signals into decisions using personas built from org topology, device/network posture, access traces, and communication semantics. It uses retrieval‑augmented reasoning (RAG) with dense/lexical/graph retrieval and MoE routing to select enforcement actions.
- TOTAL Enforce – adaptive policies that lock accounts, quarantine devices, trigger emergency responses, or self‑police users and endpoints — all in real time.
AI building blocks in TOTAL Predict:
- Persona construction from entitlement graphs, org structure, posture and traces.
- Sequence/state‑space encoders for real‑time updates.
- RAG over a proprietary attack corpus with MoE routing by threat family.
- DPO‑style optimization using analyst outcome labels; LoRA adapters for tenant/sector specialization; drift monitors and score calibration to keep thresholds steady.
Continuous Identity & Passwordless Workforce Access
Passwords and badges remain the leading friction and a major breach vector. TruU’s platform replaces point‑in‑time logins with continuous identity, blending behavioral biometrics, mobile FIDO factors, and proximity signals to deliver passwordless, badgeless access across endpoints, apps, VPN/VDI, servers (SSH/RDP), and even physical doors.
- Universal Factor Authentication (UFA). Identity decisions are based on the user’s implicit self (behavioral + biometric signals), achieving near‑perfect precision and fluid access.
- Desktop & server coverage. Windows/Mac/Linux endpoints, privileged OS commands, VDI/VPN, SSH/RDP — unified policies across digital and physical domains.
- Hardware‑backed MFA. When mobile isn’t practical, integrate YubiKey to extend FIDO‑compliant passwordless MFA for workstations, apps, servers, VDI, and VPN.
Identity Personas: The Missing Layer in Detection
Traditional systems treat events atomically. TOTAL creates behavioral personas per actor, learning how, when, and where people work, and how they interact with data. This identity context transforms noisy events into narrative threat briefs, allowing automated resolution of benign patterns and decisive enforcement for likely threats.
How personas reduce noise:
- Enrich detections with entitlement and topology awareness.
- Correlate sequences across time and systems with state‑space encoders.
- Align enforcement to your SOC’s risk appetite through DPO‑style preference learning.
Insider Threat: Interpreting Intent, Not Just Actions
Insider risks demand semantic understanding. TOTAL Predict applies LLM‑powered behavioral intelligence to interpret subtle patterns at scale, fusing transformer encoders, LLMs, and domain classifiers. Multi‑agent neural screening filters benign telemetry while preserving indicators of malice, surfacing intent in real time rather than keywords post‑facto.
Real‑Time Enforcement & SOC Automation
TOTAL’s unified console presents events, personas, and threat briefs in one view and enforces instantly — from account locks to quarantine to enterprise‑wide emergency actions. Over time, as the model learns from analyst outcomes, up to 90% of alerts can be automated away, leaving humans to adjudicate only the hard edge cases.
Integration Ecosystem & Deployments
- IAM & Workforce Identity. Passwordless and continuous identity across apps, endpoints, and physical access, with configurable policies and quick deployment for administrators.
- Security Tooling. TOTAL enriches native signals rather than replacing them, adding identity personas and automated enforcement on top of existing telemetry.
- Hardware & FIDO. Full YubiKey catalog compatibility for FIDO MFA, including 5 Series, Bio, and FIPS variants when mobile is unavailable or not preferred.
Implementation Blueprint
- Discovery & Baseline. Connect telemetry sources; map org topology and entitlements to seed personas.
- Policy & Controls. Configure Protect/Enforce policies for continuous identity and automated actions (lock, quarantine, emergency response).
- Passwordless Rollout. Enable UFA across endpoints, apps, VPN/VDI; add YubiKey for hardware‑backed flows as needed.
- SOC Alignment. Label ambiguous cases; TOTAL trains preference pairs (DPO) to match your adjudication style and reduce manual reviews.
- Operationalization. Monitor drift; calibrate scores; update attack vectors via RAG — changes go live immediately without re‑training monoliths.
Security, Privacy & Compliance Considerations
- FIDO‑compliant passwordless MFA options with mobile and hardware factors.
- Behavioral telemetry governance. Personas are constructed from entitlements, posture, traces, and communication semantics; thresholds and adapters are calibrated to tenant‑specific risk and drift.
- Incident response at machine speed. Real‑time enforcement minimizes dwell time and shrinks the SOC backlog.





