Threat Center - Adaptive Shield

Threat Center

Detect and Respond to Identity-Centric Threats

Detect threats that indicate ransomware attacks, data breaches, and corporate espionage

Let’s Get Technical

Adaptive Shield’s Identity Threat Detection and Response (ITDR) capabilities feature a set of security measures designed to detect and respond to identity-related security threats based on key Indicators of Compromise (IOCs). The platform’s threat detection engines cross-reference and analyze in-context Unusual Entity & User Behavior (UEBA) from multiple sources, enabling the accurate detection of very complex and subtle threats. Each threat in the Threat Center includes the context of the event, a recommended investigative approach, contacts who require notification, and mitigation steps.

From Threat Prevention to Protection

As a means of prevention, SSPM operates as the security layer in the Identity Fabric to establish robust user governance. As a second layer of threat protection, ITDR provides extensive coverage in detecting SaaS-related threats, such as password-based attacks, IP behavior anomalies, OAuth-based attacks, unauthorized document access, unusual user agent activities, and more.

How This Can Help You

Tactics, Techniques, and Procedures (TTP)

Collect evidence indicating that the organization’s SaaS apps are under attack or have been compromised by identifying common Tactics, Techniques and Procedures (TTPs) used by adversaries. This is done by detecting Indicators of Compromise (IOC) and User & Entity Behavior Analytics (UEBA). Adaptive Shield cross-references activities and detects in-context suspicious events such as unusual geo-location, user profiles, excessive authentication attempts, brute force attacks, API anomalies, excessive events or downloads, network information, malware detection and more


Improve threat detection and incident response based on the MITRE ATT&CK framework

Alerts and SIEM & SOAR Integrations

Receive timely notifications in multiple channels such as email, Slack, or Teams, indicating potential threats that requires immediate investigation or response. Seamlessly integrate with your existing Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) tools, to improve threat correlation and incident response efficiency

Remediation Guidance

Get actionable insights and step-by-step guidance to address and mitigate vulnerabilities, weaknesses, or compromises in the event of a security incident



Identity Threat Detection & Response: Solution Brief

Identity Threat Detection and Response (ITDR) – Rips in Your Identity Fabric

The Ultimate SaaS Security Checklist 2025 Edition