Alert Logic® has added two new interactive dashboards to the Alert Logic console for Managed Detection & Response customers. These dashboards allow you to dive deeper into insights around activities related to incidents and login summaries from your authentication logs, as well as details on your authentication incidents and classification.
In July, we announced threat content and incident detection for several authentication application vendors, including OKTA, Auth0, Mirosoft O365 and Azure, SFDC, and Cisco Duo. The Authentication Management Summary and Authentication Management Security dashboards now available help you quickly understand and investigate your authentication application activities and incidents.
Authentication Management Summary Dashboard
The Authentication Management Summary dashboard provides interactive, graphical information on the authentication management application login activities observed in your environment. This dashboard focuses on giving you overview information for the user login activities observed from the authentication management logs. This information can help you quickly understand your authentication application activities and incidents, will allow you to gain insight into your management efforts, and supports your ability to focus your resources on threats in your environment.
This dashboard can be found in the Alert Logic console at Dashboards > Authentication Management Summary.
For more details around this dashboard, see our Authentication Management Summary documentation.
Authentication Management Security Dashboard
The Authentication Management Security dashboard provides interactive, graphical information on authentication management application-related incidents observed in your environment and provides details around frequently triggered security incidents. You can drill down into the security incidents raised from the authentication management application logs based on attack source Geo-location, see incident volume and trends, and view details around top brute force users, sign-in attempts from risky IPs, and multi-factor authentication-disabled users.
This dashboard can be found in the Alert Logic console at Dashboards > Authentication Management Security.
For more details around this dashboard, see our Authentication Management Security documentation.