Investigation
Use the tools on the Forensics tab to help you investigate.
1.
Use free-form search to search for new or risky behaviors, such as for mobile
users and cloud-based services, by using domain and organizational
knowledge.
2.
Examine suspect content and use Surveyor to cross-reference these behaviors
with existing security rules or practices.
3.
Use free-form search, Surveyor, content reconstruction, and visualization to
analyze alerts from security rules for frequency of false positives.
4.
Use free-form search, Surveyor, content reconstruction, data-pivoting, and
visualization to discover false negatives that are undetected by existing security
rules or practices.
Do'stlaringiz bilan baham: |