Security
Identity, endpoint, detection, and cloud-security signals that reveal the active security stack.
- Okta
- CrowdStrike
- Wiz
- SentinelOne
- Splunk
- Zscaler
Real security evidence, as the report renders it
Top-confidence claims from our public Bentley Systems sample profile — same renderer, same provenance badges customers see. Practitioner names are anonymized in the public sample.
Evidence
| Vendor | Product | Deployment scope | Conf. | Source | Date |
|---|---|---|---|---|---|
IIBM | QRadar SIEM | Active SOC operations; listed by current SOC analyst as current-role tool | Practitioner-Attestedpractitioner-attestationSage C. – LinkedIn (SOC Analyst, Bentley Systems) | 2026-05-19 | |
MMicrosoft | Microsoft Sentinel (Azure Sentinel) | Active SOC operations; listed by current SOC analyst alongside QRadar as current-role tool | Practitioner-Attestedpractitioner-attestationSage C. – LinkedIn (SOC Analyst, Bentley Systems) | 2026-05-19 | |
SServiceNow | ServiceNow (ITSM / incident management) | SOC incident response workflow tooling; listed as current-role skill by SOC analyst | Practitioner-Attestedpractitioner-attestationSage C. – LinkedIn (SOC Analyst, Bentley Systems) | 2026-05-19 |
Evidence methodology
- A current or recent employee named this vendor in their LinkedIn work-history snippet — first-person disclosure, strongest non-deterministic signal.
What the sample could not confirm
- EDR/XDR platform — Emerson Castellanos's headline lists CrowdStrike and Microsoft Defender 365 but experience snippet is too thin to accept; remains unvalidated.
- Zscaler, CASB, DLP — mentioned in Emerson Castellanos's headline only; same threshold failure as above.
How this shows up in a profile
Every profile organizes vendor mentions, practitioner evidence, confidence, and source links by domain so account teams can move from broad hypothesis to call-ready context.