Use CasesGet Started with Threat Detection, Investigation, and Response (TDIR) Use Case Packages

Malicious Insiders Use Case Package

The Malicious Insiders use case package categorizes all use cases related to malicious insiders.

The Malicious Insiders use case package is a top-level classification that groups all use cases in which someone in your organization intentionally sabotages or steals data for personal reasons or financial gain.

Malicious Insiders use cases include:

  • Data Leak

  • Privileged Abuse DOCUMENTATION COMING SOON

  • Data Access Abuse DOCUMENTATION COMING SOON

  • Audit Tampering DOCUMENTATION COMING SOON

  • Destruction of Data DOCUMENTATION COMING SOON

  • Physical Security DOCUMENTATION COMING SOON

  • Workforce Protection DOCUMENTATION COMING SOON

  • Abnormal Authentication and Access DOCUMENTATION COMING SOON

Data Leak Use Case

Learn about the Data Leak use case and what Exabeam functionalities are aligned to solve it.

The Data Leak use case describes when an employee, partner, or contractor illicitly transfers data outside your organization.

In the Threat Detection, Investigation, and Response (TDIR) Use Case Package hierarchy, the Data Leak use case falls under the Malicious Insiders use case package. It contains specific scenarios, including:

  • Data Leak

  • Data Leak via Email

  • Data Leak via Printer

  • Data Leak via Removable Device

  • Data Leak via Web

In Case Manager, use the out-of-the-box Data Leak incident type to standardize incident fields, phases, and tasks for data leak incidents.Data Leak Incident TypeIncident FieldsExabeam PhasesExabeam Tasks