Views:

View information about the Account Compromise risk factor, which highlights user accounts that display unusual activity, have been detected on the dark web, or have been targeted by malicious email campaigns.

Operations Dashboard assesses user accounts for any activity that might indicate potential account compromise. If an assessment of an account highlights events with a High or Medium risk level, the account and risk type information displays in the Account Compromise Indicators table. The Account Compromise risk factor contributes to the Exposure Index.
Note
Note
For customers that have updated to the Foundation Services release, information on the Account Compromise risk factor is only available for users with the Accounts asset visibility scope.
The following table outlines the widgets available in the Account Compromise section.
Widget
Description
Account Compromise Indicators
Events on user accounts that display unusual activity, have been detected on the dark web, or that have been targeted by malicious email campaigns, and might be compromised and require immediate attention.
The following table describes the risk indicators associated with the Account Compromise risk factor.
Indicator
Description
Data Sources
Target
Compromised account
At-risk user accounts that exhibited anomalous activities or were specifically targeted by malicious email campaigns during the evaluation period
  • Microsoft Entra ID
  • Okta
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Email Sensor
  • Endpoint Sensor
  • User