Threat Detection, Investigation, and Response (TDIR) Use Case Categories

A powerful, prescriptive, outcome-based approach to using your Exabeam product.

Threat Detection, Investigation, and Response (TDIR) Use Case Categories is an outcome-based framework for using your Exabeam product. It describes which threats you can detect, investigate, hunt, and respond to using a prescribed end-to-end workflow.

For example, if you use Exabeam to tackle a phishing threat, the Phishing use case defines specific rules and models to help detect anomalous email activity, a Phishing incident type to ensure you gather all necessary phishing-related evidence, specific tasks to investigate a phishing incident, and a Phishing turnkey playbook to quickly analyze and respond to the phishing threat.

The TDIR Use Case Categories framework integrates expert knowledge and recommendations into every step of the process. You use standardized, repeatable workflows to address a given threat type, so you can quickly define your security operations and ensure you have consistent, effective, and measurable outcomes.

The TDIR Use Case Categories framework organizes threats in a hierarchy so you can break them down from a general type, like Compromised Insiders, to a specific scenario, like Pass the Hash. There are three use case categories: Compromised Insiders, Malicious Insiders, and External Threats.