KNOWLEDGE BASE

Back to home

KNOWLEDGE BASE

SECURITY MONITORING

SECURITY MONITORING

Best practices to use the platform for active threat monitoring.

Streamline Alert Analysis with Signal Tagging

Workbook Versioning: Track, Collaborate, and Restore with Ease

What is security monitoring?

MITRE ATT&CK® and DNIF

Streams and MITRE ATT&CK®

Why EBA

Signal Suppression Rule

Creating Signal Suppression Rules

Understanding Detection Workbook Coverage on the MITRE ATTACK Framework

INVESTIGATE SIGNALS

How to add a signal to a case?

False Positives

Add Multiple Signals to a Case

What are signals?

Suspect & Target

View Signal Context Details

Signal Context Details

Raise and View Signals

Global Signals

Source Stream

Signal Confidence Levels

Signal Filters

Investigate Anywhere

Graph View for Signals

See more

MANAGING CASES

What is Case Management?

View Cases

Filter Cases

How to create a new case?

Kill Chain Model

See more