NetWitness Customer Survey Help us understand how you monitor and respond to incidents related to your Assets and Identities Question Title * 1. How does your enterprise track assets? Question Title * 2. Do you handle incidents differently based on system impacted? Question Title * 3. Can you connect systems to business functions? Question Title * 4. Do you have a CMDB? What vendor are you using? How up to date is the deployment? Question Title * 5. What detection rules do you leverage today that trigger from denied access attempts (logins/failed file shares)? Question Title * 6. Is there detection logic you would like to impement, but can't due to limitations? Question Title * 7. Have you implemented any home grown/one-off solutions that focus on identifing suspicious users connects? Question Title * 8. How do you change monitoring for terminated users? Question Title * 9. If you have a flagged user, how does their monitoring change? Question Title * 10. Are Insider threats a priority? Question Title * 11. Are you evaluating any UEBA vendors? Yes No Done