Version:

UEBA Analytics Alert Packages

  1. LP_Possible Lateral Movement: Triggered when the UEBA module detects any activity related to Lateral Movement with the risk score defined in the UEBA Board.

  2. LP_Possible Internal Recon: Triggered when the UEBA module detects any activity related to Internal Recon with the risk score defined in the UEBA Board.

  3. LP_Possible Infected Host: Triggered when the UEBA module detects any activity related to Infected Host with the risk score defined in the UEBA Board.

  4. LP_Possible Data Exfiltration: Triggered when the UEBA module detects any activity related to Data Exfiltration with the risk score defined in the UEBA Board.

  5. LP_Possible Compromised Account: Triggered when the UEBA module detects any activity related to Compromised Account with the risk score defined in the UEBA Board.

  6. LP_Possible Account Misuse: Triggered when the UEBA module detects any activity related to Account Misuse with the risk score defined in the UEBA Board.

../_images/UEBA_Triggered_Alerts.png

UEBA Analytics Alerts

Note

Refer to the Defining the Risk Score to Prepare Anomalies for Alerts section for details on changing the value of the risk score.

Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support