Identity-aware logging captures every user action and ties it directly to a verified identity, providing a complete audit trail of who did what and when. In traditional industrial environments, logs are often device-centric, showing that a connection was made from an internet protocol address but not which specific person was responsible. By integrating identity into the logging process, organisations can quickly identify and respond to suspicious activity and meet stringent regulatory requirements for auditing and compliance. Read about auditing in our configuration guide.

For more information, see Industrial Cyber Security Best Practices.