Iveron — Insider Threat Intelligence

predict.
detect.
protect.

A Digital AI Agent that makes sense of the operational data you already have — detecting insider risk inside high-security, high-complexity environments before it becomes an incident.

Data Universe
Total Nodes 1,000
Monitored 1000
Patterns 0
Integrity 100%
Click & drag to rotate  ·  continuous pattern analysis active
Scroll
CCTV BADGE HR ACCESS 01 · DATA INGESTION continuous feed from all security and operational systems 02 · ANONYMIZATION privacy by design — identity stripped before processing 03 · ENGINES RULE ENGINE SCORING ENGINE ANOMALY DETECTOR 04 · ACTIONS signal resolved — before the incident occurs ALERT INVESTIGATE PREVENT
What is it

A digital agent
for insider risk.

It detects and makes sense of security and operational data to reduce loss, incidents and compliance gaps across complex facilities — before they occur.

Backed by 40 years of physical-security operating experience and 20 years of systems — built for operators, not analysts.
Privacy & Compliance

Built for privacy.
Designed for trust.

No surveillance

Iveron analyses patterns across your existing operational data — no new monitoring devices, cameras or tracking. Zero new data collection from employees.

Performance risk only

Only operational signals are detected: access events, shift patterns, policy-linked data. No personal, medical, or protected attributes.

Human decision always

Iveron never makes autonomous decisions. Every alert requires qualified human review before any action. Fully GDPR Article 22 compliant.

PII Anonymiser — Built-in identity protection

Built for privacy. Designed for trust.

Iveron includes a dedicated PII Anonymiser that one-way hashes all personally identifiable information at the end of ingestion. Raw identity data never enters the detection layer — it is held exclusively in an AES-256 encrypted vault with access granted only to the client. Iveron and ICTS hold zero access to vault contents. Investigators work with anonymised risk profiles only; identity is revealed solely through a client-controlled de-anonymisation workflow with immutable audit trail.

  • One-way hash at ingestion
  • Client-only encrypted vault
  • Zero vendor PII access
  • Immutable de-anon audit trail
LIA Completed DPIA Framework Ready Role-Based Access Controls Configurable Retention < 90 days Full Audit Trail Data Minimisation by Default Employee Rights Response Process GDPR Compliant Privacy by Design
15+ years of ICTS PII Stewardship — proven at scale

ICTS is no stranger to handling personal data in regulated environments. TravelDoc, an identity travel management system, has securely processed the personal and biometric data of tens of millions of passengers and airside staff across regulated aviation environments in multiple jurisdictions. These systems operate under GDPR, national aviation security law, and airport data governance frameworks. Iveron inherits this proven privacy architecture — the same encrypted access controls and audit infrastructure that ICTS has operated for over a decade without a single data breach or regulatory sanction.

15+Years PII experience
50M+Pax processed
0Data breaches
0Regulatory sanctions
GDPR Compliance Architecture

Legal basis · Data governance · Safeguards

Legal basis & governance
  • Legitimate Interests (Art. 6(1)(f)) Three-part LIA test passed: purpose (critical infrastructure), necessity (no less intrusive alternative) and balancing with employee rights.
  • DPIA Framework Pre-Prepared Full Data Protection Impact Assessment template provided. DPO sign-off pathway and annual review schedule built in from day one.
  • Employee Transparency Notice Template covers legal basis, data categories, retention periods and all employee rights including Art. 21 right to object.
  • Standard Operating Procedure Documented access controls, alert thresholds, investigation protocols and escalation paths — configurable per deployment.
What Iveron processes & what it does not
  • Permitted — Objective operational data Badge access events, shift patterns, time / attendance, documented policy violations. All PII hashed at ingestion before any analysis.
  • Governed — Cross-system pattern analysis Correlation across systems requires documented necessity. Configurable rule activation with mandatory human review and encrypted audit logging.
  • Excluded — Out of scope by design Medical data, personal social media, off-duty behaviour, family status, protected characteristics. Architecturally excluded.
90dMax retention
0Special category data
100%Human review
0Vendor PII access

Proven at scale across ICTS — PII of tens of millions of passengers and airside staff handled with our partner airlines and regulatory authorities worldwide.

Making sense
of the facility operation.

Privacy first

No raw identity ever enters detection.

Iveron anonymises every signal at ingestion. Operators see behaviour, not people — identity is revealed only through a client-controlled, fully audited de-anonymisation workflow.

  • 01
    Hashed at ingestion All PII one-way hashed before the detection layer sees it.
  • 02
    Client-only vault AES-256 encrypted identity store — zero vendor access.
  • 03
    Human always decides Every alert requires qualified review. GDPR Art. 22 compliant.
  • 04
    Full audit trail Immutable record of every de-anonymisation and access event.
GDPR Privacy by Design LIA Completed DPIA Ready RBAC ≤ 90-day Retention

See iveron live

From reactive compliance
to proactive detection.

01

40 years, operator-grade

Built on four decades of physical-security operating experience across aviation and critical infrastructure — not lab theory.

02

Operations first

Designed for the people running the facility, not the people writing reports about it. Every surface is an operational surface.

03

Pattern-led

Cross-correlated across data domains. The signal lives in the relationship between events, never in a single event.

04

Catch issues early

Predictive by design — Iveron surfaces deviation before it becomes an incident, so response moves from forensic to pre-emptive.

05

Privacy first

Built around a privacy-first anonymiser and regulatory-aware architecture. No surveillance posture, no invasive defaults.

06

Rule-engine expertise

Experience-backed rule engine, continuously refined by operators on the ground. Your playbook, made computable.

What we offer
Your current tools tell you what happened yesterday. Iveron tells you what's going to happen tomorrow.
Predictive · Intelligent · Continuous
Get started

See iveron live.

Fill in a few details and we'll get back to you within one business day.

On submit, your default mail client will open a pre-filled email to our team.