- Knowledge Base
- Getting Started
- Getting Started with Human Risk Management and the CultureAI platform
-
Product News and Updates
-
Getting Started
-
User and Identity Management
-
Configuring Telemetry Sources
-
Configuring Risk Detection
-
Configuring Interventions
-
Email Phishing
-
Security Centre
-
Coaching
-
Investigating Behaviours, People and SaaS
-
Reporting
-
API Reference
-
Getting Help
-
Best Practices
-
Communications
-
Troubleshooting
How Does Risk Detection Work in CultureAI?
CultureAI detects risks by observing employee behaviours that we ingest from Telemetry Sources, and comparing them against your organisation’s security policies.
A behaviour is what someone does — like logging in, clicking a link, or sharing a file.
A risk is when that behaviour doesn’t align with policy or best practice — for example:
-
Using the same password across multiple SaaS apps
-
Accessing unapproved software
-
Entering sensitive data into ChatGPT
-
Clicking on a link that’s been flagged as malicious
Risks are detected in real time, and enriched with metadata — like the user, app, timestamp, and risk severity — to help you investigate or act quickly.
You can view all detected risks on the Human Risk Dashboard, or explore them in more detail in the Behaviours and People pages.
You can also configure detection settings — for example, defining what constitutes a “weak” password or which SaaS apps are approved.