Abnormal File Activity Detection
Detects unusual behaviors such as mass file deletion, permission changes, or moves in a short period.
Example: 100 file deletions within 1 minute.

Ransomware Activity Detection
Identifies ransomware patterns by analyzing bulk file read, delete, and create events occurring simultaneously.
These trigger immediate alerts.

Folder-Specific Alarm Definition
Allows creation of alarms for sensitive actions in specific folders.
Example: Trigger an alert if more than 10 files are deleted within 5 minutes.

Automatic User Restriction
If defined thresholds are exceeded, the system can automatically disable the related user account.
Actions include session termination and account locking.

File Share Access Termination
In case of suspicious activity or threshold violations, the user's access to the file sharing area is automatically terminated.
This is a critical measure to ensure data security and prevent unauthorized access.

Real-Time Response
Takes immediate action when suspicious activities are detected.
Includes logging, email alerts, or direct admin notification.