Reviewing Leaked Credentials Security Events
The ERM Leaked Credentials page provides a list of security events for all compromised credentials associated with your organization.
To view the ERM Leaked Credentials page, access the Avanan Administrator Portal. From left navigational panel, click Leaked Credentials.
-
The ERM Leaked Credentials page appears only when you have a valid license for the Leaked Credentials add-on.

-
If the ERM Leaked Credentials add-on is enabled, the system creates a security event with the threat type Anomaly on the Events page when it detects newly discovered leaked credentials.
You can filter the Events table by the Threat Type: Anomaly. See Events.

-
If SIEM forwarding is enabled, the system forwards security events with the Anomaly threat type to their SIEM.