Insider threats are arguably more dangerous than external hacks. While external hackers need to get through peripheral network devices, malicious insiders already reside within the network. Further, insiders know just where sensitive data resides. Building effective frameworks for detecting insider threats remains an open challenge. In this webinar, we'll attempt to build a structured approach for insider threat detection in the year 2020 and beyond.
Continuously track user logons, and audit everything from logon failures to history. Leverage instant alerts and UBA to detect suspicious activities, such as a spike in logon failures, and unusual time of logon for a particular user. Automate the generation of logon audit trails to pass compliance audits such as SOX and the GDPR.
Track the creation, deletion, and renaming of groups. Receive information about who made what change, to which group, and when. Detect the addition of new members to and the removal of existing members from all groups. Know the before and after values for all changed attributes, including critical ones such as type and scope attributes.
Continuously track the who, what, when, and where behind every file access along with failed attempts to access a file. Monitor file owner and permission (SACL and DACL) changes, and receive information on before and after values. Track access across Windows, NetApp, EMC, Synology, Huawei, and Hitachi file systems.
© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.