Microsoft Purview compliance portal: Insider Risk Management – Sequence detections for obfuscation involving excluded events

Originally posted by Microsoft May 31, 2023 Uncategorized 0 Comments

This change enhances sequence detection to improve its effectiveness in identifying users who are performing obfuscation activities that may result in a data security incident, such as file renaming, to evade detection. With this improvement, Insider Risk Management can detect sequences that may result in potential data security incidents, even if the obfuscation activities in those sequences involve excluded events, such as an excluded keyword. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Product
Release phase General Availability
Release date January CY2024
Preview date: August CY2023
Platform Web
Cloud Instance Worldwide (Standard Multi-Tenant)
Created 2023-05-31
Roadmap ID 124970
Roadmap Link https://www.microsoft.com/microsoft-365/roadmap?featureid=124970

No comments yet

Leave a Reply

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: