EDR: Analyze

Threat Management in the Management Console includes more granular tracking of threats and their status in your system, enriched forensics data, and detailed mitigation information, including:

  • New threat lifecycle and threat management tools
  • Improved threat management UI across the Management Console:
    • Analyze > Threats > Incident details
    • Updated Activity view includes a Threat Management filter
    • Updated threat Notification options and enriched Syslog messages

To view Analyze:

Select Integrations > EDR > Analyze.

The Threats table has many columns and filters to help you find the information you need.

In the results, click a threat to open its Incident details.