Purpose-built for healthcare

Detect Hidden Security & Operational Risks in Your Data

FoundationDx uses adaptive AI to identify authentication anomalies, behavioral risks, and operational inefficiencies — before they become incidents. Designed for speed, accuracy, and affordability.

Most Organizations Collect Data. Few Extract Meaningful Insight.

Healthcare organizations generate massive volumes of data across systems like DUO, Microsoft 365, EMRs, and network infrastructure.

  • Critical anomalies go undetected
  • Alert fatigue hides real threats
  • Manual analysis is slow and incomplete
The result: risks remain buried until it's too late.

  • 60% of breaches go undetected for months
  • 80% of alerts are false positives overwhelming teams
  • higher breach cost in healthcare vs other industries
  • 24h average delay in detecting credential-based attacks

A Smarter Approach to Anomaly Detection

FoundationDx combines machine learning with adaptive rules to identify patterns that traditional tools miss. Our platform continuously learns your environment — so detection improves over time.

Authentication Anomalies

Deep analysis of DUO & Microsoft 365 authentication events to surface credential-based threats instantly.

Behavioral Deviations

User-level behavioral baselines detect deviations from normal patterns before they escalate.

Indicators of Compromise

Identify early warning signals of potential compromise or misuse across your entire environment.

Operational Outliers

Surface clinical and operational inefficiencies hidden in high-volume data streams.

Cluster Analysis (New)

Group complex numeric and categorical data into meaningful risk clusters — revealing hidden population-level patterns invisible to rule-based tools.

What We Detect

Using real-world data, FoundationDx identifies the following threats and anomalies. These are often early indicators of security threats or system misuse, caught before they become costly incidents.
  • Spray attacks across multiple user accounts
  • Impossible travel / geolocation anomalies
  • Repeated login failures (single or multi-user)
  • Authentication bursts from shared IPs or devices
  • Unusual login behavior outside normal patterns

Uncover Hidden Patterns Across Mixed Data Types

FoundationDx applies unsupervised machine learning to group users, devices, and events into risk-differentiated clusters — combining numeric metrics and categorical attributes that traditional tools analyze in isolation.

Handles:
  • Numeric: time-series, frequency counts
  • Categorical: role / department, device type, location, auth method

Capabilities:
  • Mixed-Mode Clustering: Handles both numeric (login counts, failure rates, session duration) and categorical (role, device type, auth method) fields using hybrid distance metrics — no manual conversion needed.
  • Automatic K Selection: Adaptive algorithms (silhouette scoring, elbow analysis) determine the optimal number of clusters for your dataset — no manual tuning required.
  • Risk Scoring Per Cluster (coming soon): Each cluster is assigned a composite risk score based on its behavioral signature, flagging high-risk groups for immediate investigation.
  • Rolling Cluster Drift Detection (coming soon): Continuously monitors cluster membership shifts over time — alerting when users or devices migrate into higher-risk segments.
  • Explainable Cluster Profiles: Every cluster is described in plain language: which features define it, what makes it anomalous, and which records belong to it.

Live Cluster Preview: 5 risk clusters identified, 2,847 records analyzed, 134 high-risk records.

Healthcare Cluster Analysis Use Cases

Use Case 01

User Risk Segmentation

Group users by authentication behavior, role, location, and device — identifying cohorts that share elevated risk characteristics across multiple dimensions.

Use Case 02

Access Pattern Profiling

Cluster EMR access events by time, record type, volume, and department to detect physicians or staff whose access patterns deviate from their peer group.

Use Case 03

Device & Endpoint Grouping

Segment devices by OS, location, authentication method, and failure rate to surface high-risk endpoint clusters that warrant priority remediation.

Use Case 04

Operational Efficiency Clusters

Analyze clinical workflow data — visit duration, order volumes, escalation rates — to identify process clusters with systemic inefficiencies.

What Makes FoundationDx Different

We are not a broad AI platform. We are purpose-built to uncover anomalies in complex healthcare data environments.

Focused, Not Generic

Purpose-built to uncover anomalies in complex healthcare data environments — not a broad AI platform trying to do everything.

Adaptive Intelligence

Our models use a rolling behavioral baseline (e.g., 60-day learning window) to continuously adjust as user activity evolves.

Hybrid Detection Model

We combine AI-driven insights with configurable rules, ensuring both flexibility and precision across your unique environment.

Reduced Noise, Actionable Findings

We prioritize meaningful alerts — not overwhelming volumes of data that exhaust your security team.

Fast, Flexible Deployment

Available as a managed service or on-premise solution, with minimal overhead and rapid time to value.

Built for Healthcare Scale

Designed for organizations with high data volume but limited internal AI resources — we do the heavy lifting.

Our Position

FoundationDx is a specialist layer that makes existing security investments smarter and more effective in healthcare — not a competitor, but a force multiplier.

Built for Organizations That Need More Than Traditional Tools

FoundationDx is ideal for healthcare organizations that generate high volumes of authentication and operational data and need smarter, faster insight.

  • Health systems and hospitals
  • Critical access facilities
  • Healthcare cybersecurity teams
  • Organizations with high data volume but limited internal AI resources

Start with a Pilot — Not a Long-Term Commitment

We make it easy to get started. No heavy lift. No unnecessary complexity.

1. Analyze a Defined Dataset: Provide a scoped dataset from your environment — we handle the rest.

2. Identify Meaningful Anomalies: Our platform surfaces real risks and anomalies hidden in your data.

3. Deliver Clear Findings: Receive actionable recommendations you can act on immediately.

Proven in Real-World Environments

FoundationDx solutions are currently deployed in healthcare environments analyzing large-scale datasets, uncovering anomalies that would be difficult and time-consuming to detect manually.

Additional use cases include:

  • Cybersecurity log analysis
  • Predictive patient wellness initiatives
  • Data normalization and discovery projects
  • Mixed-data cluster analysis & risk segmentation

Turn Your Data Into Actionable Insight

If you suspect there are risks or inefficiencies hidden in your data, you're probably right. We help you find them — quickly.

★  Special offers for underserved and 501(c) organizations  ★

Duo and Cisco Duo are trademarks or registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. Microsoft 365 is a trademark or registered trademark of Microsoft Corporation in the United States and/or other countries. FoundationDx is not affiliated with, endorsed by, or sponsored by Cisco Systems, Inc. or Microsoft Corporation. All other trademarks, product names, and company names mentioned herein are the property of their respective owners.