Account Z-Score

Threat Rule: Account Z-Score

The Account Z-Score threat rule detects accounts with group membership outside the standard distribution for accounts. It allows the selection of a min/max Z-Score and a min/max Mean group membership to identify potential outliers for account group membership on a platform. Customers should customize the default rule to fine-tune the min/max values as required for their organization.

The default settings are:

  • Min Z-Score of 3, which means 3 standard deviations above the mean.
  • Score of 10.

img
Default Account Z-Score settings

Report: Account Z-Score

  1. Navigate to Search Library | Group and select Account Z-Score.

    img
    Report and important fields highligted

The Account Z-Score report displays the calculated mean (Group Membership Z-Score) and standard deviation values. Using the filter options, organizations can search for specific ranges to identify accounts that pose a threat. The higher the Z-Score, the higher the potential threat.