Director InfoSec and Audit at a manufacturing company with 1,001-5,000 employees
Real User
2020-12-26T18:16:59Z
Dec 26, 2020
The support team that stands behind the detection and response. Is there adequate expertise and are they behind you 24x7x365? Cynet CyOps has been there for us.
Find out what your peers are saying about CyberArk, Amazon Web Services (AWS), Proofpoint and others in User Activity Monitoring. Updated: November 2024.
Notifies for any high risk or suspicious activities like risky command execution in UNIX or registry changes in windows.
Maybe, look for solutions that capture diverse user actions and provide advanced analytics for early detection and prevention.
Examining this "Deep & Wide" area at this individualized criteria level will not likely be the answer any CIO is looking for.
Additionally, since it is an issue for both Privileged and Unprivileged account activities, the alert criteria will differ for each.
Where are you planning this tool to be situated: for outside in, inside intra network or access through a PAM solution?
You should look at this more holistically and not just sum of the parts.
I believe this question is related to User Activity Monitoring solution. If yes, then below would be some key aspect.
1. Easy of use
2. Ability to scale up and capable to handle large dataset to create good baseline.
3. Ability to integrate with other solution like SIEM, SOAR, EDR
The support team that stands behind the detection and response. Is there adequate expertise and are they behind you 24x7x365? Cynet CyOps has been there for us.
The primary user activities that interest me are the number of logins and failed logins.