Microsoft Purview compliance portal: Insider Risk Management - Sequence detections for obfuscation involving excluded events
,This change enhances sequence detection to improve its effectiveness in identifying users who are performing obfuscation activities that may result in a data security incident, such as file renaming, to evade detection. With this improvement, Insider Risk Management can detect sequences that may result in potential data security incidents, even if the obfuscation activities in those sequences involve excluded events, such as an excluded keyword. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Expected Release Date:
February CY2024
Preview date: September CY2023
Preview date: September CY2023
