Thanks for the support.
Please give me the detailed message once you get any update.
Original Message:
Sent: Wed July 10, 2024 04:56 AM
From: MIRI LEVY
Subject: Active threat analytics -Policy rules
Hello Santhosh,
I passed your question to the risk spotter's team.
Regards,
------------------------------
MIRI LEVY
Original Message:
Sent: Tue July 09, 2024 05:30 AM
From: Santhosh M
Subject: Active threat analytics -Policy rules
Hi Miri,
In risk spotter apart from default dynamic policy can we add anything? If yes please let me know.
How risk spotter & Analytics helps us to find risky users if we add policy rules ?
Which one we have to analyse to find risky users & take action like risk spotter lists or analytic threats case ?
------------------------------
Santhosh M
Original Message:
Sent: Tue July 09, 2024 05:16 AM
From: MIRI LEVY
Subject: Active threat analytics -Policy rules
Hello Santhosh,
Yes, you can set up a policy rule to be an active threat analytics (ATA) category. We have an API to set it up. There is not limitation on the number of rules you can set up as categories, it's up to you to handle it in a way you can handle and that best fits your business.
see documentation here https://www.ibm.com/docs/en/guardium/11.5?topic=analytics-creating-threat-categories-from-policy-rules.
Regards,
Miri Levy
Product owner. Guardium
------------------------------
MIRI LEVY
Original Message:
Sent: Mon July 08, 2024 12:23 PM
From: Santhosh M
Subject: Active threat analytics -Policy rules
Hi All
Can we add policy & rules in active threat analytics to create threats?
How many monitoring policy rules that we can add in active threat analytics in creating threat categories from policy rules topic?
In risk spotter apart from default dynamic policy can we add anything? If yes please let me know.
Refer : https://www.ibm.com/docs/en/guardium/11.5?topic=policies-creating-installing-policy-policy-rules
------------------------------
Santhosh M
------------------------------