- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Cloud SIEM’s Risk Insights for AWS Entities consolidates multiple data sources, such as SIEM threats and CSM insights, into a profile representing a single security entity, such as an IAM user.
With Risk Insights, you can:
On the Risk Insights Explorer, you can view all entities that have a non-zero risk score associated to them.
Click an entity in the Explorer to open the entity side panel.
The What Happened section of the panel summarizes the count of signals, misconfigurations, and identity risks and how they have contributed to the risk score, as well as any potential configuration risks.
The What contributes to the score section displays the list of fired signals, relevant misconfigurations, and identity risks.
The Next steps section of the entity side panel includes the available mitigation steps for SIEM signals, misconfigurations, and identity risks.
An entity’s risk score approximates the entity’s risk level over the past 14 days of activity.
The risk score is calculated from the characteristics of the entity’s associated signals, such as the severity level of the signal and how many times the signal has fired.