Through the Most Recent Detection report, you can gain a detailed insight into the latest activities, tactics, techniques, and procedures (TTP) that have been flagged as malicious and triggered an alarm. This report offers contextualised information, including attribution when applicable, and provides comprehensive details about the attacker and any additional information available about the attack.
To view the Most Recent Detection that has set off an alarm in your ArmourZero platform, follow these steps:
Step 1 - Open "Most Recent Detection":
Navigate to: Activity > Most Recent Detection.
Step 2 - View "Tactic and Technique"
Hover your mouse to (!) to read more on the detection details.
Step 3 - Scroll to the right and click on View to expand the detection for additional details.
A further details execution report will be open. The additional details will be shown on your screen for your reference.
If you have any questions regarding any of these detections, submit new SOC ticket.