StealthINTERCEPT’s Advanced Attack Analytics are integral to understanding potential internal threats through authentication activity. While having this information at your fingertips is great, no one has time to watch a screen all day. Just like our Change Alerting, Analytics can be enabled for all our various alert capabilities as well.
Simply select the Configuration option at the top left of the console window, then the Alerts option. Next, select the Analytics set on the left-hand side of the window in either the Email or SIEM tabs. Now it is just a matter of checking the Analytics Policies you want alerts for! Personally, the analysis we like to be alerted on is Horizontal Movement Attacks because once the bad guys are in, they want to discover what’s available to them.
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Jeff is a Senior Engineer at STEALTHbits.