Through scheduled alerts that query volumes of log records, CA User Activity Reporting Module detects potential control violations and suspicious IT activity. CA User Activity Reporting Module notifies the IT security staff who investigates each alert to determine whether remediation action is required. Typical investigation activities are often routine and well-suited for automation. Through a tight integration between CA User Activity Reporting Module and CA IT PAM, these routine response actions can be performed automatically. IT security staff are free from repetitious tasks to focus on only the most important issues.
CA IT PAM integration lets you create requests in CA Service Desk by running a predefined CA IT PAM event/alert output process from alerts. You can also run custom IT PAM event/alert output processes from CA User Activity Reporting Module that automate other responses to suspicious events.
For details, see the "Working with CA IT PAM Event/Alert Processes" section in the Action Alerts chapter of the CA User Activity Reporting Module Administration Guide.
Copyright © 2013 CA.
All rights reserved.
|
|