# Anomalous Activity Detection User Interface Guide

## Real-Time Protection Against Exploits in Your Software Supply Chain 

Xygeni’s **Anomaly Detection** provides robust security by actively monitoring and addressing vulnerabilities and risks as they are detected. Our real-time analytics ensure that any attempt to exploit these vulnerabilities is identified and mitigated quickly, protecting the integrity and security of your software operations.

**Anomaly Detection** platform provides an additional layer of security by *continuously monitoring and analyzing activities within your SCM and CI/CD infrastructure to identify and respond to unusual behavior quickly*. Xygeni detects anomalies that indicate unauthorized modifications, access, or exploitations in real time. This proactive approach ensures that potential security breaches are addressed before they can escalate into serious threats.

{% hint style="info" %}
Anomaly Detection UI can be found under **Products >> Anomalous Activity**
{% endhint %}

<figure><img src="https://4096647782-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUTz59rJLkJBjiRWAMknU%2Fuploads%2Fcn2EmN0rzczcrZwQsE9o%2Fimage.png?alt=media&#x26;token=90552109-344b-4479-96b5-9b424359fff0" alt=""><figcaption></figcaption></figure>

The **Anomalous Activity** page displays the following information:

* Timeline Chart of number of issues created (differentiating between Critical File Changes and Suspicious Behavior)
* Charts for # of events by severity, by type and top-5 users with anomalous activities
* A table with the events (as well as filters ):
  * Severity of the event.
  * Timestamp of the event.
  * Category. (Critical File Changes or  Suspicious Behavior)
  * Event type. (catalogued depending on the Unusual Activity detectors;  read  [Unusual Activity detectors available](https://docs.xygeni.io/xydocs/unusual_activity/detectors/index.html) for the full list)
  * User that produced the event.
  * Inventory asset associated with the event.
  * Etc

In the events table, by clicking on the ![](https://4096647782-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUTz59rJLkJBjiRWAMknU%2Fuploads%2FN8NV7dxsmTLoSudVD83P%2Fimage.png?alt=media\&token=e66de179-8022-4fb4-ac30-c66d365cd605) icon of any event, you will see the details of the event.

As an example, the below image shows that a commit has been pushed to a repository after the branch protection was disabled.

<figure><img src="https://4096647782-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUTz59rJLkJBjiRWAMknU%2Fuploads%2FqpCOCCbuhb1bV4gjNIEs%2Fimage.png?alt=media&#x26;token=1644eb6c-4531-436f-9849-49f472e1c132" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
See [Code Tampering](https://docs.xygeni.io/xygeni-products/anomaly-detection/code-tampering-scanner) Scanner for further information on code tampering scanner.

See [Xygeni Sensors](https://docs.xygeni.io/xygeni-products/anomaly-detection/xygeni-sensors) for a full description and supported platforms of sensors.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.xygeni.io/xygeni-products/anomaly-detection/anomaly-detection-user-interface-guide.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.