High-risk activity

Sophos Cloud Optix uses artificial intelligence (AI) to detect high-risk activity.

AI identifies high-risk events in cloud platform activity logs. It looks for activities that are unusual for particular identity access management (IAM) entities to perform.

Detected events are labeled as High-risk on the Activity Logs page and the dashboard.

Examples of events that could be labeled as high-risk are:

  • Security Group changes
  • NACL (Network Access Control List) changes

This helps you to focus on the most important issues.