Privileged Logons

Privileged users have access to the most critical resources in an organization. The prime objective of most attackers is to compromise a privileged account to either exfiltrate information or hijack an organization with ransomware demands. Tracking privileged user activity is a critical part of any organization’s security footprint and important for compliance and governance.

The Privileged Users Logons sub-panel tracks all successful and unsuccessful logon activity for privileged users in the organization.

Visuals

  • Failed Logons – Bar chart of failed privileged users’ logons within the specified time frame. Click on a user to view nodes where logons were attempted. Right-click on a user and drill down to ‘Details’ to view a detailed report that can be downloaded or emailed.
  • Failed Logon Nodes – Nodes where privileged failed logons occurred.
  • Logon Operations – Displays the types of logon events for all privileged successes and failures.
  • Successful Logons – Bar chart of successful privileged users’ logons within the specified time frame. Click on a user to view nodes where logons occurred.
  • Successful Logon Nodes – Nodes where privileged successful logons occurred.
  • Targeted Hosts – Hosts where all privileged logon activity occurred.
Contact Us