Events that provide visibility into management operations performed on resources on the cloud account are captured with this feature.
Examples of these operations are things like S3 Bucket Deletion or changing RDS access from Private to Public. These are considered serious risks which is why these types of operations are captured and recorded.
Details for these operations are extracted from the AWS CloudTrail - either default Normalyze trail or Custom trail. Events and the related details captured are categorized and listed for review with sortable columns and filters.
Currently, this feature is available only for AWS accounts and has a limited set of events for discovery purposes
To access this feature, navigate to Investigate -> Risks -> All Risks and select Activity from the Quick Filters.
The list of Activity based risk definitions can be reviewed in the Risk Signatures section.