With the New Detection, you can closely examine new instances of activity, and the methods used (known as tactics, techniques, and procedures, or TTPs), that are marked as harmful and trigger an alert. This report offers detailed contextual information, including identification of relevant sources, specifics about the attacker, and any other available information about the attack.
Even though no action is required from your end, it is still good to understand what each term in the detection verification status means:
| Detection Status | Definition |
| --- | --- |
| New | New detection was identified as malicious and has been blocked by the sensor/agent/installer. Yet to be verified by our personnel. |
| In progress | Detection verification is being worked on by our personnel and an update will be provided as soon as it is completed, or if more information is required. |
| True_positive | The detection is a verified legitimate attack that triggers and produces an alarm. |
| False_positive | The detection is verified as not a real attack. |
For further information about the detection, click on "View" under the "Action" section.
If you have any questions regarding any of these detections, submit a new SOC ticket.