KNOWLEDGE BASE

Back to home

KNOWLEDGE BASE

SECURITY MONITORING

SECURITY MONITORING

Best practices to use the platform for active threat monitoring.

What is security monitoring?

Mitre Att&ck® and DNIF

MITRE ATT&CK® Usage

Streams and MITRE ATT&CK®

Why EBA

Signal Suppression Rule

Creating Signal Suppression Rules

INVESTIGATE SIGNALS

How to add a signal to a case?

False Positives

Add Multiple Signals to a Case

What are signals?

Suspect & Target

View Signal Context Details

Signal Context Details

Raise and View Signals

Global Signals

Source Stream

Signal Confidence Levels

Signal Filters

Investigate Anywhere

Graph View for Signals

See more

MANAGING CASES

What is Case Management?

View Cases

Filter Cases

How to create a new case?

Kill Chain Model

See more