Netwrix Threat Manager v3.0
Threat Manager detects and responds to abnormal behavior and advanced attacks against Active Directory and File Systems with unprecedented accuracy and speed. Threat Manager provides programmatic and automated response options when threats are identified. In addition to an extensive catalog of preconfigured response actions, Threat Manager can be configured to integrate with you own business processes using integrated PowerShell or webhook facilities.
Threat Manager can also deliver threat data to administrators in their preferred applications, including Microsoft Teams, Slack, ServiceNow, and a wide variety of SIEM platforms.
Architecture
The following diagram is a visual representation of Threat Manager architecture. It maps out the physical implementation of Threat Manager components.
Administration
Organizations of virtually any size find it to be impossible, even counterproductive, to evaluate the substantial amount of file access events and Active Directory events occurring within their environments on any given day. To overcome this challenge and achieve proper visibility into this otherwise significant blind spot in an organization's cyber security program, Threat Manager® provides built-in threat analytics to highlight the most unusual behaviors that occur within an organization each day. Threat Manager also provides a method to deep dive into activity data using a series of customizable filters to discover threats unique to their organization.
Supported Platforms
Supported platforms include the Active Directory and File system platforms supported for monitoring by either Netwrix Threat Prevention or Netwrix Activity Monitor. See the following product documentation for additional information:
Threat Manager Threats
Threat Manager monitors the following threats. See each section for information on monitored threat types.