User insights

The User insights panel displays detailed information about specific user activities.

Click on a specific user, to display the Timeline view. Next, click the User insights button. The panel expands to display additional information about each activity. These detailed views allow you to analyze and mitigate risks.

1

Alerts summary: Displays the categorized lists of generated alerts.

2

Device usage: Displays the removable device usage statistics for the selected user.

2a

Detected Devices: Displays the removable storage device connected to the endpoint.

2b

Files transferred: Captures the volume of data transferred to and from removable storage devices.

3

Alerts and risk history: Displays the trend of the user risk score and alerts generated for the selected user over the chosen time frame.

Selecting Risk from the tab shows the plot of the risky user activity over the selected period.

Selecting Alerts from the tab shows the plot of the alerts generated over the selected period due to risky user activity.

4

Data movement: Displays the movement of the user's data by destination or channel during the specified time frame. You can select either Channel or Destination to filter by channel or destination. For example, say you selected Channel, then you can view all related alerts and channels.

Say, if you selected Destinations, then then you can view all related alerts and destinations.

5

Detected behavior: Displays the top matched rules for each alert category detected over the specified time frame. Use the drop-down menu category to filter alerts by category.

Per widget User insight details can also be printed to a PDF report using the icon. Also, you can export the zip of transferred files for inspection.