Detection Review

The Emanate Security Platform (ESP) comes with pre-loaded behavioral detections designed to identify suspicious and non-compliant behavior occurring in your organization. These detections come pre-built with sane defaults included in their configurations.

In order to ensure that each detection aligns with your organization's risk profile, certain configuration details can be adjusted on each detection.

For example, one very simple detection covers a Brute Force attack.

Detection Logic: Observed X consecutive incorrectly entered passwords in Y minutes.

Sane Default: Observed 3 consecutive incorrectly entered passwords in 5 minutes.

Configurable Elements: X = Number of incorrectly entered passwords. Y = Number of minutes.
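The Brute Force logic above, written out as an added example to show how X and Y change what fires; it is not Emanate's implementation. The event tuple format, the function name `detect_brute_force`, and the choices that a successful login resets the count, that the window is inclusive, and that the count restarts after an alert are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication events: (ISO timestamp, user, outcome).
SAMPLE_EVENTS = [
    ("2024-01-01T09:00:00", "alice", "failure"),
    ("2024-01-01T09:01:00", "alice", "failure"),
    ("2024-01-01T09:02:00", "alice", "success"),  # success breaks the streak
    ("2024-01-01T09:03:00", "alice", "failure"),
    ("2024-01-01T09:10:00", "bob", "failure"),
    ("2024-01-01T09:11:00", "bob", "failure"),
    ("2024-01-01T09:13:30", "bob", "failure"),    # 3rd failure inside 5 minutes
    ("2024-01-01T10:00:00", "carol", "failure"),
    ("2024-01-01T10:04:00", "carol", "failure"),
    ("2024-01-01T10:07:00", "carol", "failure"),  # 3 in a row, but spread over 7 minutes
]


def detect_brute_force(events, x=3, y_minutes=5):
    """Return (user, timestamp) for each point where a user reaches x
    consecutive failed logins within y_minutes. Events must be time-ordered."""
    window = timedelta(minutes=y_minutes)
    streaks = defaultdict(deque)  # user -> timestamps of the current failure streak
    alerts = []
    for ts, user, outcome in events:
        when = datetime.fromisoformat(ts)
        streak = streaks[user]
        if outcome != "failure":
            streak.clear()  # assumption: "consecutive" means any success resets the count
            continue
        streak.append(when)
        # Keep only failures that fall inside the Y-minute window ending now.
        while when - streak[0] > window:
            streak.popleft()
        if len(streak) >= x:
            alerts.append((user, ts))
            streak.clear()  # assumption: start counting afresh after an alert
    return alerts


if __name__ == "__main__":
    print("default (X=3, Y=5): ", detect_brute_force(SAMPLE_EVENTS))
    print("wider   (X=3, Y=10):", detect_brute_force(SAMPLE_EVENTS, y_minutes=10))
    print("lower   (X=2, Y=5): ", detect_brute_force(SAMPLE_EVENTS, x=2))
```

Replaying a sample of your own authentication events through different X and Y values in this way gives a rough idea of how detection frequency shifts before you change the configuration.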

From a reporting perspective, each detection is enabled automatically. This lets you understand the frequency of a given detection and do any global tuning prior to enabling any security event automation.

Once you've decided to enable security event automation for a given detection, it will be enabled for all user records in your account.

For a complete view of available detections, please consult your Emanate Security Customer Success Representative.
