The L1-Entity Monitoring - Indicators and Warnings package is designed to identify anomalies dealing with account authentication and management. This package has to be integrated with any Product packages that track account activities. This package could also be integrated with but does not require, the L2-Entity Monitoring-Situational and Awareness package for further detection and investigations.
The idea to have the L1-Entity Monitoring Indicators and Warnings package is to build some common functionality (such as Rules) that can be applied to multiple Product packages. Wherever possible, only the filters will reside within the product packages. Those filters in the product package will then be linked into an OR statement in the null (false) L1 package filter where appropriate.
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
This release contains Mitre Att&ck tagging for the following use cases:
This update includes minor bug fixes.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox