From a cyber-security perspective, deploying the endpoint agent to a system running a server is typically sufficient to identify a compromise of that system. However, endpoint coverage does not offer application-specific monitoring that detects, for example, if the system is operating normally or the application hosted by the server suffered a credential breach.
In these cases, Field Effect provides application-specific security monitoring for supported applications, such as Microsoft Exchange. For unsupported applications, a custom analytic would need to be developed.
In many cases, custom application monitoring is not required since the endpoint agent and network monitoring will likely identify security threats. A discussion with Field Effect will help assess your need.
It’s important to note that beyond raw data, Field Effect does access audit logs that are published by and made available by cloud service providers (Microsoft 365, Google Workspace) and operating systems (Windows event logs). Furthermore, customers may request an integration that can analyze with specific low-volume log sources for additional analytics, as part of their Field Effect monitoring.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article