From the course: Identity Threat Protection with Sentinel
Enabling UEBA for identity threat detection in Sentinel
- [Instructor] Imagine you're the leader of a top secret spy team, where every member's behavior is predictable and in line with the mission. One day you notice a change. A trusted spy starts acting out of character, visiting places they've never needed to go at hours that don't make sense. This change in behavior triggers an alarm, prompting an immediate investigation to protect the team's secrets. This is not a scene from a spy movie. It's a real-world application of user and entity behavior analytics, UEBA, in cybersecurity. Just like our fictional spy team, UEBA helps organizations to detect when someone within their ranks starts acting suspiciously, potentially posing a threat to the organization's digital assets. UEBA is important for a few reasons. Firstly, advanced detection. It goes beyond static security rules, using machine learning to understand normal behavior and flag deviations. UEBA is also important for spotting potentially malicious actions from within, whether it's from…
Contents
- Getting started with Sentinel: Initial setup (3m 37s)
- Configuring Sentinel for IAM: Fundamental steps (4m 34s)
- Tailoring Sentinel configuration for robust IAM security (3m 6s)
- Enabling UEBA for identity threat detection in Sentinel (3m 17s)
- Challenge: Configuring Sentinel for a hypothetical scenario (35s)
- Solution: Configuring Sentinel for a hypothetical scenario (1m 29s)