We are delighted to introduce the Public Preview for the Anomalous RDP Login Detection in Azure Sentinel’s latest machine learning (ML) Behavior Analytics offering. Azure Sentinel can apply machine learning to Windows Security Events data to identify anomalous Remote Desktop Protocol (RDP) login activity. Scenarios include:
As the machine learning algorithm requires 30 days' worth of data to build a baseline profile of user behavior, you must allow 30 days of Security events data to be collected before any incidents can be detected.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.