Behavioral Security

Reveille enables you to look at activity on your CSPcontent services platform systems from the user’s perspective. You can build out your security baseline to:

• Establish normal patterns of behavior for every authorized user.
• Cordon off behavioral and access-based security needs.
• Automate deviation detection so no phony activity goes unnoticed.

Reveille makes it quite easy to run reports and:

• Automatically corroborate user credentials.
• Flag invalid account usage (system accounts in production)
• Monitor every IP access point.
• Recognize invalid login patterns or strange access locations.
• Respond to abnormal behavior fast with automated notifications, alerts and actions.

In this scenario, you want to know when users are accessing your SharePoint application. To create reports about application usage:

1. In the left menu, click Add Dashboard. The Create New Dashboard dialog box opens.

2. Enter a dashboard Description, such as Behavioral Security.

3. Enter a Menu Name, such as Security.

4. Under Dashboard Privacy, select Public to make the new dashboard available to all users.

5. Pick a Dashboard Icon.

6. Under Cards: Add a card and title it Exceptions

7. Select Application Report as the card type.

8. Click Create. Your new dashboard and card are displayed.

9. On the right side of the dashboard, click the gear icon. The Behavioral security card dialog box opens.

10. Add two Visuals: User Exceptions and Document Exceptions.

11. Click Save changes. The Exceptions dashboard appears.

    

12. Under Generate Reports, you can create a sample report by choosing:

Reports for: Applications

Application: SharePoint

Report type: Top Users