Article Description | Support | AIE Rules/Alarms | Investigations | Reports |
---|---|---|---|---|
Article 17: Right to erasure | Augment | CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Abnormal Origin Location CCF: Blacklist Location Auth CCF: Local Account Created and Used CCF: Corroborated Data Access Anomalies CCF: Corroborated Account Anomalies CCF: Abnormal Amount of Data Transferred CCF: Large Outbound Transfer CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Social Media Event CCF: Unknown User Account Alarm | CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv | CCF: GeoIP Summary CCF: Social Media Summary CCF: Object Access Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: User Object Access Summary CCF: Applications Accessed By User Summary CCF: Unknown User Account Detail CCF: Host Access Granted And Revoked Detail |
Article 18: Right to restriction of processing | Augment | CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Social Media Event CCF: Blacklist Location Auth CCF: Corroborated Data Access Anomalies CCF: Data Loss Prevention Rule CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Abnormal Amount of Data Transferred CCF: Large Outbound Transfer CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Disabled Account Auth Success CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: Unknown User Account Alarm | CCF: Suspicious Users Inv CCF: User Misuse Inv CCF: Applications Accessed Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: User Misuse Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Unknown User Account Detail CCF: Host Access Granted And Revoked Detail |
Article 21: Right to object | Augment | CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Disabled Account Auth Success CCF: Local Account Created and Used CCF: Abnormal Origin Location CCF: Unknown User Account Alarm | CCF: Suspicious Users Inv CCF: Applications Accessed Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: GeoIP Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: GeoIP Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 22: Automated individual decision-making, including profiling | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Social Media Event CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 24: Responsibility of the controller | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Social Media Event CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Abnormal Origin Location CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: Unknown User Account Inv CCF: GeoIP Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 25: Data protection by design and by default | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Large Outbound Transfer CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: Social Media Event CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: Unknown User Account Inv CCF: GeoIP Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 32: Security of processing | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: Social Media Event CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: Unknown User Account Inv CCF: GeoIP Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 33: Notification of a personal data breach to the supervisory authority | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Misuse Rule CCF: Local Account Created and Used CCF: Disabled Account Auth Success CCF: Distributed Brute Force CCF: External Brute Force Auths CCF: Critical Event After Attack CCF: Corroborated Data Access Anomalies CCF: Corroborated Account Anomalies CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Concurrent VPN from Multiple Locations CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Unknown User Account Detail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Rogue Access Point Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Rogue Access Point Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 34: Communication of a personal data breach to the data subject | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Misuse Rule CCF: Local Account Created and Used CCF: Disabled Account Auth Success CCF: Distributed Brute Force CCF: External Brute Force Auths CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Corroborated Data Access Anomalies CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Concurrent VPN from Multiple Locations CCF: Malware Alarm CCF: Early TLS/SSL Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Unknown User Account Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Rogue Access Point Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Rogue Access Point Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 35: Data protection impact assessment | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Social Media Event CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 40: Codes of conduct | Augment | CCF: Social Media Event CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Corroborated Data Access Anomalies CCF: Backup Information CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Local Account Created and Used CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Abnormal Origin Location CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Backup Failure Alarm CCF: Non-Encrypted Protocol Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm | CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Host Access Granted And Revoked Inv CCF: Backup Activity Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 44: General principle for transfers | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Corroborated Data Access Anomalies CCF: Corroborated Account Anomalies CCF: Concurrent VPN from Multiple Locations CCF: Social Media Event CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Abnormal Origin Location CCF: Blacklist Location Auth CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Local Account Created and Used CCF: Unknown User Account Alarm CCF: Non-Encrypted Protocol Alarm CCF: Early TLS/SSL Alarm | CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Host Access Granted And Revoked Inv CCF: Backup Activity Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 45: Transfers on the basis of an adequacy decision | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Corroborated Data Access Anomalies CCF: Corroborated Account Anomalies CCF: Social Media Event CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Abnormal Origin Location CCF: Blacklist Location Auth CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Concurrent VPN from Multiple Locations CCF: Local Account Created and Used CCF: Non-Encrypted Protocol Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm | CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Host Access Granted And Revoked Inv CCF: Backup Activity Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 46: Transfers subject to appropriate safeguards | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Social Media Event CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 47: Binding corporate rules | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Social Media Event CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |
Article 90: Obligations of secrecy | Augment | CCF: FIM Abnormal Activity CCF: FIM Add Activity Rule CCF: FIM Delete Activity Rule CCF: FIM Information Rule CCF: FIM General Activity CCF: Data Loss Prevention Rule CCF: Abnormal Amount of Data Transferred CCF: Data Destruction CCF: Data Exfiltration Observed CCF: Large Outbound Transfer CCF: Disabled Account Auth Success CCF: Misuse Rule CCF: Social Media Event CCF: Backup Information CCF: Attack then External Connection CCF: Config Change After Attack CCF: Config Change then Critical Error CCF: Config Deleted/Disabled CCF: Config Modified CCF: Local Account Created and Used CCF: External Brute Force Auths CCF: Auth After Numerous Failed Auths CCF: Auth After Security Event CCF: Corroborated Data Access Anomalies CCF: Distributed Brute Force CCF: Blacklist Location Auth CCF: Concurrent VPN from Multiple Locations CCF: Critical Event After Attack CCF: Corroborated Account Anomalies CCF: Abnormal Origin Location CCF: Social Media Event CCF: GeoIP General Activity CCF: GeoIP Blacklisted Region Activity CCF: Blacklist Location Auth CCF: Malware Alarm CCF: Non-Encrypted Protocol Alarm CCF: Rogue Access Point Alarm CCF: Suspected Wireless Attack Alarm CCF: Time Sync Error Alarm CCF: Vulnerability Detected Alarm CCF: Early TLS/SSL Alarm CCF: Unknown User Account Alarm CCF: Backup Failure Alarm CCF: LogRhythm Silent Log Source Error Alarm CCF: Critical/PRD Envir Config/Policy Change Alarm CCF: Critical/PRD Envir Patch Failure Alarm CCF: Critical/PRD Envir Signature Fail Alarm | CCF: Suspicious Users Inv CCF: Use Of Non-Encrypted Protocols Inv CCF: User Misuse Inv CCF: Backup Activity Inv CCF: Applications Accessed Inv CCF: Compromises Detected Inv CCF: Host Access Granted And Revoked Inv CCF: LogRhythm Data Loss Defender Log Inv CCF: Object Access Inv CCF: User Object Access Inv CCF: Config/Policy Change Inv CCF: Critical Environment Error Inv CCF: Malware Detected Inv CCF: Patch Applied Inv CCF: Physical Access Inv CCF: Rogue Access Point Inv CCF: Signature Failure Inv CCF: Suspected Wireless Attack Inv CCF: Time Sync Error Inv CCF: Vulnerability Detected Inv CCF: GeoIP Inv CCF: Social Media Inv CCF: Unknown User Account Inv | CCF: Top Suspicious Users CCF: Use Of Non-Encrypted Protocols Summary CCF: User Misuse Summary CCF: Backup Activity Summary CCF: Applications Accessed By User Summary CCF: LogRhythm Data Loss Defender Log Summary CCF: Object Access Summary CCF: User Object Access Summary CCF: Config/Policy Change Summary CCF: Critical Environment Error Summary CCF: Malware Detected Summary CCF: Patch Applied Summary CCF: Physical Access Summary CCF: Rogue Access Point Summary CCF: Signature Failure Summary CCF: Suspected Wireless Attack Summary CCF: Time Sync Error Summary CCF: Vulnerability Detected Summary CCF: GeoIP Summary CCF: Social Media Summary CCF: Host Access Granted And Revoked Detail CCF: Unknown User Account Detail |