What is a suspicious event?

Suspicious events are operations that might potentially leak sensitive data outside a company, and as such present a risk to company data security. Suspicious events might be for example uploading large amounts of files to the web, sending files via instant messaging, or transferring files to removable devices. Safetica NXT only audits outgoing files.

How to recognize a suspicious event?

Suspicious events are highlighted by bold font and red exclamation mark in the User dataflow and Events per user tables. To see the specific reasons why an event was classified as suspicious, hover the mouse on the threat level of that event.