Change Auditor Threat Detection 7.0.2 - User Guide

Introduction to Change Auditor Threat Detection

Overview

Detecting suspicious activity by rogue users is a difficult challenge. The traditional rule-based approach to user threat detection generates too many alerts to investigate. As a result, you waste time on false positives and risk missing the real threats, leaving your organization exposed to a data security breach.

To effectively protect your data and your business, Change Auditor Threat Detection uses advanced machine learning, user and entity behavioral analytics (UEBA), and SMART correlation technology to spot anomalous activity and identify the highest risk users in your environment.

More specifically, Change Auditor provides a threat detection solution that:

This guide describes the functions and capabilities of the Threat Detection dashboard for IT and security analysts. It is also relevant to chief information security officers, security architects, network administrators, and auditors responsible for information security in large organizations who need to understand the functionality and capabilities of the solution.

Which Change Auditor modules are monitored?

Threat Detection analyzes Change Auditor events to build a user behavior baseline and to detect anomalies and threats. User activity from the following Change Auditor subsystems is streamed to the Threat Detection server for processing to build the global map of users, groups, systems and files in your environment:

Threat Detection server events

Threat Detection server activity is also monitored. Events are generated when:
