Trend Micro analyzes user and device behavior and highlights irregularities that could indicate that you are under attack.
Operations Dashboard assesses user accounts and devices for any unusual activity that may indicate a potential threat. If an assessment highlights events with a "High" or "Medium" risk level, the account or device and risk type information displays in the Anomaly Detections table.
The following table outlines the indicators associated with anomaly detection and the related data sources.
Indicator |
Description |
Data Source |
Target |
---|---|---|---|
Web activity |
Anomalous or malicious network activity |
|
|
Storage usage |
Cloud storage usage (OneDrive/SharePoint/Outlook/Teams) by the account appears abnormal compared to the normal usage by other company accounts |
|
|
User activity |
Abnormal user behavior patterns and preferences |
|
|
Device activity |
Abnormal device behavior patterns and preferences |
|
|