Privileged Activity Use Case

Threat Detection, Investigation, and Response (TDIR) Use Case Categories
Threat Detection, Investigation, and Response (TDIR) Use Case Categories Hierarchy
Compromised Insiders Use Case Category
External Threats Use Case Category
Malicious Insiders Use Case Category

Learn about the Privileged Activity use case and what Exabeam functionalities protect against it.

The Privileged Activity use case describes when privileged accounts and assets behave unusually and when non-privileged users do things that typically requires privileges.

In the Threat Detection, Investigation, and Response (TDIR) Use Case Categories hierarchy, the Privileged Activity use case falls under the Compromised Insiders use case category. It contains specific scenarios, including:

Activity on Domain Controllers
Disabled Account Activity
Executive Account Activity
Privileged Account Activity
Privileged Asset Activity
Privileged Process Execution

In Case Manager, use the out-of-the-box Privileged Activity incident type to standardize incident fields, phases, and tasks for privileged activity incidents.

View more information privileged activity and tips on configuring the use case on the Exabeam Community.

Use CasesGet Started with Threat Detection, Investigation, and Response (TDIR) Use Case Categories

Table of ContentsTable of Contents

Privileged Activity Use Case