Microsoft Purview compliance portal: Insider Risk Management- Alert Spotlighting

Originally posted by Microsoft Aug 13, 2024 Uncategorized 0 Comments

On the alert list page, high priority alerts will be spotlighted to help analysts prioritize the most important alerts first. Alerts are spotlighted based on predefined rules which are common across all tenants across all industries. Alert Spotlighting feature was developed to assist admins in prioritizing alerts to be triaged. Every generated alert has a risk score, a list of activities performed, tags, and triggers.

The Alert Spotlighting feature uses this information to decide whether an alert can be spotlighted. Based on a detailed study of alert triage patterns across tenants, we have developed a rule-based algorithm to spotlight alerts that would be of importance to admins, based on historical volume analysis.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Product
Release phase General Availability
Release date December CY2024
Preview date: August CY2024
Platform Web
Cloud Instance GCC, Worldwide (Standard Multi-Tenant), DoD, GCC High
Created 2024-08-13
Roadmap ID 409967
Roadmap Link https://www.microsoft.com/microsoft-365/roadmap?featureid=409967

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: