StealthINTERCEPT’s Advanced Attack Analytics are integral to understanding potential internal threats through authentication activity. While having this information at your fingertips is great, no one has time to watch a screen all day. Just like our Change Alerting, Analytics can be enabled for all our various alert capabilities as well.
Simply select the Configuration option at the top left of the console window, then the Alerts option. Next, select the Analytics set on the left-hand side of the window in either the Email or SIEM tabs. Now it is just a matter of checking the Analytics Policies you want alerts for! Personally, the analysis we like to be alerted on is Horizontal Movement Attacks because once the bad guys are in, they want to discover what’s available to them.
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Jeff is a Senior Engineer at Stealthbits – Now part of Netwrix.
Related Posts
- PROTIP – How to Purge Data in StealthAUDIT
- PROTIP – Fulfill a DSAR with StealthAUDIT 11.0
- Best Practices – Setting up StealthAUDIT SQL Server Database
- ProTip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for Oracle
- Pro Tip – StealthINTERCEPT DB Maintenance Best Practices
- PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks
- PROTIP: How to Update the “Have I Been Pwned” (HIBP) Breach Dictionary in StealthINTERCEPT Enterprise Password Enforcer and StealthAUDIT
- Protip: How to Setup User Activity & Database Logon Scans in StealthAUDIT for Oracle
- ProTip – The Power of Character Substitution Checks in StealthINTERCEPT Enterprise Password Enforcer
- Protip: How to Setup User Activity & Server Logon Scan in StealthAUDIT for SQL
Leave a Reply