Can someone share their experience working with the watchlists, what exactly happens when users are added to a watchlist? I am in need of giving the security analysts (who do not have admin privileges in Securonix) the ability to update watchlists. The analysts want to assign a high risk score to certain individuals. i.e. if for all users policy X assigned risk score of 0.01, they want to assign a risk score of 1.0 for the same policy X for users on the watchlist. Thoughts on how else I could accomplish this?

asked 21 Apr '15, 06:01

rmurthy's gravatar image

rmurthy
111
accept rate: 0%


IF i understand this correctly,

you have a policy which flags users for a particular violation. the current risk score for them right now is 0.01. the goal is to have a higher risk score for these users.

This can be done by increasing the criticality associated with the policies used to flag the users from Low to High. This will increase the risk score for the users.

Watchlist are used in cases where you want to monitor the users on it separately. eg: A watchlist can be created for HPA users, users with flight risk etc.

link

answered 27 Apr '15, 15:44

mnair's gravatar image

mnair
71149
accept rate: 9%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×2

Asked: 21 Apr '15, 06:01

Seen: 953 times

Last updated: 27 Apr '15, 15:44