“The call is coming from inside the house.”
It’s the stomach-dropping, horror-movie trope, but also a very real cybersecurity scenario when you consider that 48 percent of companies report insider attacks becoming more frequent in recent years.
That’s why Arsie Solomon’s team at Nisos has been busy building a tool that alerts security teams before threats escalate.
Solomon is the Vice President of Product Management at Nisos, and led the launch of a new product called Ascend Insider Threat, a platform that monitors employees’ external behavior for early warning signs that could result in organizational risk.
“It’s not a ‘nice to have’ dashboard — it’s something that could genuinely enable security and risk teams to see threats they might otherwise miss,” Solomon said.
What Does Nisos Do?
Nisos is a human risk management company specializing in unmasking threats before they escalate. Nisos operates as an extension of security, intelligence, legal and human resource teams to protect their people and business.
According to Solomon, most security teams rely on manual investigations across fragmented risk signals, limiting timely visibility.
“By the time something surfaced, the damage was often already done,” Solomon explained.
That was the catalyst for leaders like Solomon to realize there was a real market opportunity for Nisos.
“There was a gap in the market for a solution that could blend external intelligence, and structured risk logic into something actionable and easy to operationalize,” she said.
What Does Ascend Insider Threat Monitor?
Nisos recently added the Insider Threat module to the Ascend platform, and describes the product as a dashboard that monitors external behaviors to identify potential insider risks before they occur. A blog from Nisos notes: “By identifying patterns, monitoring ongoing risks, and conducting thorough investigations, we can flag malicious actors and mitigate their impact.” Below are just a few of the threat indicators that the Insider Threat solution can monitor:
- Criminal activity
- Financial stressors
- Employment grievances and significant negative sentiment
- Polywork
- Leaked company data
Since the Insider Threat solution is built into the Ascend platform, it can act as a kind of external early warning system, said Adam Young, Senior Director of Product Management. In contrast, most competing products focus only on solutions like data loss prevention or internal behavioral analytics.
“We look beyond traditional insider threat approaches to identify external signals of human risk that existing solutions would likely miss, giving our clients earlier warning of potential threats before they escalate,” Young said.
How Nisos Designed Insider Threat Indicators to Detect Insider Risk Earlier
Early in the development of the Ascend Insider Threat solution, Solomon said she had an ‘aha moment.’
“It became clear that teams weren’t experiencing just a single pain point — they were struggling with the lack of a unified way to connect signals, prioritize them and take action confidently,” Solomon said.
That insight pushed her team to broaden the scope of the solution, and design a more holistic, end-to-end workflow rather than incrementally patching individual gaps.
Early and frequent conversations with customers and design partners helped the product team continuously iterate on the product to meet client needs. For example, Young said they discovered that most customers leverage open-source investigative techniques, but only after a threat arises.
“In talking with customers and experts within and outside of Nisos, there was a clear need to provide analyst expertise,” Young said. “What makes Nisos’ Insider Threat solution unique is its ability to use the same techniques, but proactively.”
Within a week of conception, engineering and design built a foundational MVP.
The Technical and Team Challenges Behind Building Ascend Insider Threat — and How Nisos Overcame Them
The launch of the new Insider Threat solution required a mix of modern technologies and deep cross-functional collaboration, according to Solomon.
On the technology side, the team combined data-processing pipelines, updated risk-scoring logic and developed a new front-end experience to make the user journey more intuitive. This cross-functional work required constant communication and a seamless handoff between various internal teams — but this is easier said than done.
“One of the biggest early hurdles was alignment,” Solomon said. “Different teams had slightly different interpretations of the problem we were trying to solve.”
At first, each team saw pieces of the problem, but not the whole picture.
“We overcame that by slowing down up front,” Solomon said. This meant hosting working sessions and mapping real user workflows.
“The lesson was clear: Investing in alignment early saves significant rework later,” she said.
Glenn Russell, vice president of engineering, agrees.
“It’s a tale as old as time — competing priorities,” Russell said. “That will always be a feature of product development and the process is always the same regardless of the technology: Have honest conversations about what’s important, and consider trade-offs along the way.”
For example, teams had to consider whether every feature was worth it, Russell said, or whether they introduced too much technical debt.
The technical challenges were no small feat either, Young said.
“Conducting comprehensive digital footprint analyses and contextualizing potential risk indicators associated with specific individuals involves considerable complexity,” he said.
To that end, Young said they leveraged AI models to assess gathered data for potential threats. Another hurdle that the team had to clear was how to work with AI models that are constantly changing.
“Like many other companies, we’re looking at what AI can do for us and Insider Threat was no different,” Russell said. Nisos had a clear use case to leverage generative AI to help summarize lots of information, but like all fast-changing technology, it needed to be handled with care.
“It’s important to understand the strengths and weaknesses of this technology, so we were careful to understand how to add guardrails to ensure a good user experience,” Russell said.
Ultimately, the product launch came together, and now, the Nisos team has a more complete evaluation framework to account for testing new models quickly.
“Our team is the perfect example of how to adopt technology such as AI in a way which makes sense and doesn’t feel like it’s just an exercise in deploying buzzwords,” Russell explained. “If we didn’t have a team of very capable product people and engineers, along with leadership with the vision to allow those people to run and not walk — this product launch would not have happened.”
The Insider Threat solution is available as part of Nisos’ Ascend SaaS platform now. See Nisos Insider Threat Solution for more details and to take a tour.
Frequently Asked Questions
What problem does Ascend Insider Threat solve?
Ascend Insider Threat helps organizations detect insider risks earlier by monitoring external indicators like criminal activity, financial stressors and leaked data, allowing security teams to act before threats escalate.
How is Nisos’ approach to insider threat different from other tools?
Unlike traditional solutions that focus mainly on internal activity or data loss prevention, Ascend Insider Threat emphasizes proactive monitoring of external signals that many existing tools miss.
How did Nisos design and build the Ascend Insider Threat platform?
The product was built through early customer conversations, rapid MVP development and close collaboration across product, engineering and design, with a focus on creating an end-to-end workflow rather than patching isolated gaps.
What role does AI play in Ascend Insider Threat?
Nisos uses AI models to analyze complex digital footprints and summarize large volumes of information, with guardrails in place to ensure accuracy, usability and a strong analyst experience.
What does building this product reveal about Nisos’ work culture?
The story highlights a culture that values alignment upfront, honest trade-offs, cross-functional teamwork and giving product and engineering teams the autonomy to move quickly while solving meaningful security problems.
