Over 50 key behaviors measured out of the box.

SebDB

To begin it's best to brush up on which security behaviors are most important to your organization. Head over to SebDB, the world’s cyber security behavior database.

Security behaviors

Below is a list of all of our security behaviors you can track with each integration.

Behavior category	Security behavior	Data source
	`SB159` Does not click a phishing link	Microsoft Defender*
	`SB161` Reports a suspected phishing email	Microsoft 365
	`SB161` Reports a suspected phishing email	Google Workspace
	`SB159` Does not click a phishing link	Proofpoint
	`SB159` Does not click a phishing link	CybSafe
	`SB159` Does not click a phishing link	Microsoft 365
	`SB087` Reports suspicious messages (e-mails, texts, phone calls)	CybSafe
	`SB088` Checks emails for signs of deception	CybSafe
	`SB159` Does not click a phishing link	Mimecast
	`SB169` Does not open an attachment in a message from an unknown source	Mimecast
	`TEMP214` Does not click malicious links	Mimecast
	`TEMP214` Does not click malicious links	Microsoft Defender*
	`TEMP214` Does not click malicious links	Proofpoint
	`SB150` Does not use a password that has been compromised in a data breach	Microsoft Azure AD Identity Protection
	`SB010` Does not share passwords	Microsoft Purview DLP
	`SB150` Does not use a password that has been compromised in a data breach	CybSafe
	`SB151` Does not use weak passwords	CybSafe
	`SB174` Does not log in from a device running out of date operating software	Microsoft Intune
	`SB175` Does not log in from a rooted device	Microsoft Intune
	`SB198` Does not use unapproved device for work purposes	Microsoft Intune
	`SB032` Does not insert unauthorised devices/media into work devices/network	Microsoft Defender*
	`TEMP213` Does not use a laptop/desktop device that is infected with malware	Microsoft Defender*
	`SB174` Does not log in from a device running out of date operating software	Crowdstrike
	`TEMP213` Does not use a laptop/desktop device that is infected with malware	Crowdstrike
	`SB001` Enables multi-factor authentication for workplace accounts	Microsoft 365
	`SB190` Does not use third party applications within work domain	Microsoft 365
	`SB196` Doesn't share documents or files containing malicious links	Microsoft Defender*
	`SB196` Doesn't share documents or files containing malicious links	Proofpoint
	`SB182` Does not send sensitive information out of the business (email or otherwise)	Microsoft Purview DLP
	`SB184` Does not share a file containing confidential information	Microsoft Purview DLP
	`SB185` Does not post confidential information in a public messaging channel	Microsoft Purview DLP
	`SB186` Does not post PII in a public channel	Microsoft Purview DLP
	`SB187` Does not share a file containing PII	Microsoft Purview DLP
	`TEMP211` Does not share PII in email messages	Microsoft Purview DLP
	`TEMP211` Does not share PII in email messages	Mimecast
	`TEMP212` Does not share confidential information in email messages	Microsoft Purview DLP
	`TEMP212` Does not share confidential information in email messages	Mimecast
	`SB171` Does not use work email address that has been compromised in a data breach	Have i been pwned?
	`SB155` Does not download content or material from unauthorised websites	Microsoft Defender*
	`SB058` Checks websites for signs of deception	CybSafe
	`SB019` Only uses well-known, reputable and trusted websites to download content	Google Workspace
	`SB019` Only uses well-known, reputable and trusted websites to download content	Microsoft Defender*
	`SB018` Adds security or privacy extensions to browsers	Google Workspace
	`SB005` Uses Single Sign-On (SSO)	Microsoft 365
	`SB005` Uses Single Sign-On (SSO)	Google Workspace
	`SB022` Installs antivirus on all compatible devices	Microsoft Defender*
	`SB044` Enables encryption	Microsoft Intune
	`SB015` Completes assigned security awareness training successfully	CybSafe