Threat Review

Data Security Essentials is continuously monitoring all access to all file systems, and if it identifies suspicious access behavior, it triggers an alert.

Open Data Security Essentials and navigate to Threat Detections. Here, you will find all active alerts along with critical forensic events leading up to each incident, detailing who accessed which files, when, and what actions were taken.

When Data Security Essentials identifies suspicious behavior, it takes two key defensive actions:

1. The offending user is blocked based on the response settings configured for the policy triggers.
2. The storage team can be notified if notification settings for these policy triggers have been configured.