Field Effect can identify changes in AWS security configurations, security errors like exposed S3 buckets. When Field Effect is monitoring Office365, it is monitoring Microsoft’s Azure platform. This allows Field Effect to alert on other features, such as OneDrive. An example of a Field Effect alert is to identify large/bulk/uncharacteristic data syncs from within the domain to outside the domain (e.g., an employee synchronizing a company SharePoint to an offline device, like a workstation). This would fall into the category of “Data Loss Detection”. This detected behavior could be present because of an insider threat, or a threat actor stealing company data.
Field Effect also supports Microsoft vTAP infrastructure. This allows Field Effect to be virtualized to provide very sophisticated and easily deployed network monitoring on cloud-deployed VMs with the same resolution and capability as on-premises networks. This type of deployment would require planning with the client.
In addition, having cloud, endpoint and network sensors in place enables Field Effect to reduce false positive alerts and provide greater detection precision related to account compromises. Having this combined information allows Field Effect to build smarter data models for each client and create more intelligent User and Entity Behavior (UEBA) data sets that are used to identify data loss, system and account compromise.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article