Release Date: January 8, 2024 Secure & Govern 20.3 Release
Unusual Access - Added User Information to UI, Public API & SIEM
User information has been added to the Secure and Govern Issues View, Issues API and SIEM integrations. The additional user details will provide customers the user information to more quickly address Unusual Access Detections. The following user information has been added.
Link to Public API (SIEM field format)
Secure and Govern Issues View (Under User Info)
- IP Address
- Location
- Entry Point (Web UI, Desktop App, etc...)
- Device/Host Name
- Operating System
Secure and Govern Issues API and SIEM Integrations
- The following will be found under “violationDetails/machineDetails”
- IP Address
- Location
- Entry Point (Web UI, Desktop App, etc...)
- Device/Host Name
- Operating System
Probable Ransomware - Added Device/Host Name to UI, Public API & SIEM
The user device/host name has been added to the Secure and Govern Issues View, Issues API and SIEM integrations. The additional user details will provide customers the user information to more quickly address a potential Ransomware attack. The following user information has been added.
Link to Public API (SIEM field format)
Secure and Govern Issues View (Under User Info)
- Device/Host Name
Secure and Govern Issues API and SIEM Integrations
- The following will be found under “violationDetails/machineDetails”
- Device/Host Name
Selective Scanning of SharePoint Online Sites
When configuring a SharePoint Online content source in Secure & Govern, you can now specify which sites you want to include for scanning. Sites not included will not have any data analyzed by any of the Secure & Govern functionalities.