chapters
Executive summary
Centralized reporting with Data Protection Advisor
Anomaly reporting with Data Protection Advisor analysis engine
Working with external data sources
Data Protection Advisor integration with Splunk for cyber threat anomaly detection
Summary
Executive summary
Centralized reporting with Data Protection Advisor
Anomaly reporting with Data Protection Advisor analysis engine
-
1Anomaly reporting with Data Protection Advisor analysis engine
-
2Analysis Engine workflow
-
3Analysis Policy and rules
-
4Recommended cyber threat anomaly detection rules
-
5Example of Analysis Policy - Detecting higher rate of change in backups
-
6Recommendations for analysis engine policy
-
7Rules customization