High-risk activity
Sophos Cloud Optix uses artificial intelligence (AI) to detect high-risk activity.
AI identifies high-risk events in cloud platform activity logs. It looks for activities that are unusual for particular identity access management (IAM) entities to perform.
Detected events are labeled as High-risk on the Activity Logs page and the dashboard.
Examples of events that could be labeled as high-risk are:
- Security Group changes
- NACL (Network Access Control List) changes
This helps you to focus on the most important issues.