BrittanyCCP
Iron Contributor
Nov 28, 2023

New Blog | Effective novelty detection in cloud security domain

In the cloud security domain, we often need to monitor entities – such as users, IP addresses, applications, or access tokens – and their patterns of behavior. We might want to detect ‘novelties’ – unexpected and previously unseen values of these entities – which can indicate security issues. Some examples of such scenarios are:

  • An IP address belonging to a previously unseen ASN range accesses cloud storage.
  • A previously unseen application logs in to a SQL database.
  • A new user logs in to an administration portal.

Read the full blog post: Effective novelty detection in cloud security domain - Microsoft Community Hub
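
An added example, not part of the original post or the linked blog: a simple first-seen detector covering the three scenarios listed above. The event tuples, resource names, entity values and the 7-day learning window are constructed assumptions; a value is reported only when it is new for its resource and that resource already has a full learning window of history.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, resource, entity type, entity value).
# ASNs come from the documentation range; all names are hypothetical.
EVENTS = [
    ("2023-11-01T08:00:00", "storage:acct1", "asn", "AS64500"),
    ("2023-11-02T09:00:00", "storage:acct1", "asn", "AS64501"),
    ("2023-11-03T10:00:00", "sqldb:orders", "app", "billing-svc"),
    ("2023-11-05T11:00:00", "portal:admin", "user", "alice"),
    ("2023-11-06T11:00:00", "portal:admin", "user", "bob"),      # new, but still learning
    ("2023-11-10T12:00:00", "storage:acct1", "asn", "AS64500"),  # already known
    ("2023-11-12T03:00:00", "storage:acct1", "asn", "AS64511"),  # novelty
    ("2023-11-12T04:00:00", "sqldb:orders", "app", "report-tool"),  # novelty
    ("2023-11-13T11:00:00", "portal:admin", "user", "carol"),    # novelty
    ("2023-11-13T12:00:00", "portal:admin", "user", "bob"),      # known since learning
    ("2023-11-14T12:00:00", "storage:acct1", "asn", "AS64511"),  # reported once already
]


def detect_novelties(events, baseline_days=7):
    """Return events whose value is first seen for its (resource, type) scope.

    Each scope gets its own learning window starting at its first event, so a
    newly onboarded resource does not alert on every entity it sees.
    """
    window = timedelta(days=baseline_days)
    scope_start = {}          # (resource, type) -> time of first event in scope
    seen = defaultdict(set)   # (resource, type) -> values observed so far
    alerts = []
    for ts, resource, etype, value in sorted(events):
        when = datetime.fromisoformat(ts)
        scope = (resource, etype)
        start = scope_start.setdefault(scope, when)
        if value not in seen[scope]:
            if when - start >= window:
                alerts.append((ts, resource, etype, value))
            # Record the value either way so it alerts at most once.
            seen[scope].add(value)
    return alerts


if __name__ == "__main__":
    for alert in detect_novelties(EVENTS):
        print("novelty:", *alert)
```
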
