Welcome to
Help Desk

Product Updates
Training
Support
Ideas Contact Support

Auto-Remediation - Unusual Access Issues

Configure & Enable an Auto-Remediation Rule for Unusual Access Issues

Users have the ability to auto-remediate the Unusual Access issues in Secure & Govern. Follow the steps listed to configure and enable auto-remediation rules for Unusual Access issues. 

  • Navigate to Settings -> Analysis Rules
     
  • Select the desired Issue Type as Unusual Access
  • Click on Create an auto-remediation rule
  • Enter Rule Name and Description, then select Next
  • Select ANY or ALL for the match criteria

    When ALL is selected, all the rule conditions must be met for an issue to be auto-remediated.  When ANY is selected, auto-remediation will occur when any of the rule conditions are met.

  • Enter Rule Condition
    • For Unusual Access issue type, there are four conditions available that can be added based on Severity, Sensitive Content, Detection type, and User type.
      • Specify the criteria for the first condition selected and click on Add Condition to specify the criteria for the next condition.
  • Enter Rule Action
    • For Unusual Access issue type, there are three possible actions available which are: Deactivate user account, Dismiss issue(s), and Delegate to selected user. Add one or more actions to the Analysis rule
  • Select Next
  • Select whether or not to Apply this rule to previously detected issues that match the selected criteria and click Next.
  • Review the Rule Configuration and click Create

    The Back button can be selected at any time to change the rule configuration prior to the rule being created.

  • The Auto-Remediation Rule is created

    Currently, only one auto-remediation rule can be created per issue type.

Additional Resources

 

 

Was this article helpful?
0 out of 0 found this helpful

For technical assistance, please contact us.