Outbound Transfer Attempts

The Outbound Transfer Attempts machine learning model monitors outbound traffic usage for each user and alerts on abnormal behavior.

Enable the Outbound Transfer Attempts model to display outbound traffic usage for each user on the User Details page. When the actual number of transfer attempts exceeds the model’s predicted number, a Sense Event is generated to increase the user’s risk score.

Event name

UBA : Abnormal Outbound Transfer Attempts

sensevalue

5

Required configuration

Custom event property Bytes Sent must exist for the desired log source type.

Log source types

Pulse Secure Pulse Connect Secure, Fortinet FortiGate Security Gateway, Blue Coat SG Appliance, Juniper SRX Series Services Gateway, Microsoft ISA, Citrix NetScaler