Heureka introduces Tableau workbook for data visualization

Heureka-Tableau Workbook

Heureka has expanded the ability to visualize and interact with data outside of the Heureka platform using Tableau. Our team has created sharable workbooks and dashboards that take all the work out of creating visual analytics.

Best of all, every dashboard is completely interactive allowing users to customize dates, custodian (computers), and file types with instant feedback and visual results.

Wanna take a test drive? Click here to check out Heureka’s Tableau public site where you can interact with the data.




Existing Tableau users simply import a flat-file CSV from Heureka’s Interrogate into the supplied workbook.

Once imported users can visualize and interact with the following:

  • Dates
  • Custodians (Endpoints)
  • File Categories
  • Duplicate file information
  • Top 10’s showing Users by file count/file size/risk score
  • File counts by year, category or size
  • File growth by category or count over time
  • Potentially redundant, trivial or obsolete files (ROT)
  • Potential Risk (Credit Cards, Social Security Numbers, Bank Routing Number, etc)

Standard data views provide the opportunity for users to easily overlook their most important information. When combining Tableau with Heureka data, actionable insight becomes instantly accessible allowing users to spot visual patterns quickly and efficiently. A user can also easily create filtered data reports for quick and easy communication.

Your data has a story to tell! Let Heureka and Tableau illustrate it for you.

Employee Data Theft and a “Heureka” moment



A recent posting on LegalTechNews.com sparked numerous conversations regarding the ability of Heureka Software to be used as a proactive tool when applied to employee data theft. The article discusses using forensic tools to ascertain whether an employee has removed or stolen data from a computer “prior to, or immediately after, an individual’s termination or resignation from an organization.”.

A significant take-away from the article is the lack of discussion on proactive versus reactive approaches. While performing forensic investigations on surrendered computers will always remain critical, a key element to Heureka’s software is proactively knowing exactly what files are present on an endpoint prior to or immediately after termination or resignation. Additionally, as Heureka keeps track of moved or deleted files from their original location, it’s possible to search for files that have been moved or deleted on an endpoint in question at any point in the process.

When Heureka’s endpoint service is deployed the data becomes searchable both on metadata fields such as file name, extension, date, file owner, etc. as well as file content like email body and attachment (including non-Microsoft Office attachments). Critical and sensitive information is automatically discovered on a daily basis using a hands-off classifying engine offering high-level views of potential risk across the environment.

One of Heureka’s main goals is to help companies transition from being reactive to proactive. We do this by creating tools to categorize, identify and search for information at the earliest possible stages of the EDRM model. For HR departments, the “Heureka moment” is having a tool to view a computer, server or file share’s inventory including potentially sensitive information at the earliest possible stages. Further, in coordination with IT or management, files can be quarantined, deleted or collected from any endpoint which has significant impact on the ability for an individual to steal information.

The long-standing tradition of not having intelligence at the endpoint level is quickly changing. Having the ability to proactively gather intelligence at the earliest possible stages of an employee termination or resignation changes the game significantly. Lack of tools and technology can no longer be an excuse for not knowing where the most sensitive data is in within an organization. Knowing what an employee has on their device prior to any action provides the ultimate insight prior to any action such as termination or resignation.


Meet our intern – Deven Gyure


Heureka Software welcomes Deven Gyure for the Summer!

Deven currently attends MC2 Stem High School and is planning on attending college to study computer science. It is rare to have an intern who already has name recognition, but in Deven’s case its true.

Deven is part of a team of students who helped build a bomb-seeking robot for the Republican National Convention held in Cleveland. He and his team made headline across the US (CNN Money) and as far as the BBC in U.K. for their work in conjunction with the Cleveland Police Department.

He is currently working on an all-terrain, waterproof robot with camera capabilities in his “spare time” and enjoys travelling across the country to compete in robotic competitions.

While at Heureka, Deven has been learning Java and been working on a dashboard project for the software development team. The project creates a visual dashboard of updated software tickets to be used at the software team’s daily stand-up meetings.

The entire Heureka team wishes him the best of luck in the future!




Do you feel Locky?


It has been a particularly bad week in terms of ransomware. Hospitals in Kentucky and California have been hit with a ransomware called Locky. Once opened, Locky infects local machines and other network connected computers and spreads via email messages which are disguised as Microsoft Word attachments. Many users have reported that the attachments looked like legitimate invoices or official documents.

Obviously it is not a good idea to open any attachment you don’t recognize and be extremely cautious enabling macros for attachments that request it.

This week the Heureka team added the Locky hash-based IOC’s to our databases and they are now available for download from Interrogate’s main help page. Once in place, Interrogate will scan all of the endpoints for for requested IOC’s and show any computer that has a match.

Click here for the official US-CERT announcement.


Hey Cortana…where is my risk?


“Hey Cortana, where is all my PII data?”

Wouldn’t be great if Cortana or Siri was content aware and could actually help you discover sensitive data at the local or enterprise level?

PII data residing outside known or protected areas is just the kind of thing that keeps the Chief Risk Officer up at night. Without data awareness, defined workflows or classification tools, files may begin to migrate away from known, safe locations (data leakage).

Continue reading “Hey Cortana…where is my risk?”