- Threat Detection, Investigation, and Response (TDIR) Use Case Categories
- Threat Detection, Investigation, and Response (TDIR) Use Case Categories Hierarchy
- Compromised Insiders Use Case Category
- External Threats Use Case Category
- Malicious Insiders Use Case Category
Privileged Activity Use Case
Learn about the Privileged Activity use case and what Exabeam functionalities protect against it.
The Privileged Activity use case describes when privileged accounts and assets behave unusually and when non-privileged users do things that typically requires privileges.
In the Threat Detection, Investigation, and Response (TDIR) Use Case Categories hierarchy, the Privileged Activity use case falls under the Compromised Insiders use case category. It contains specific scenarios, including:
In Case Manager, use the out-of-the-box Privileged Activity incident type to standardize incident fields, phases, and tasks for privileged activity incidents.
View more information privileged activity and tips on configuring the use case on the Exabeam Community.