This "Detection by Tactic" report provides a detailed view of the most detected activities, tactics, techniques, and procedures (TTP) flagged as malicious, resulting in alarms. This report offers contextual information, including relevant attributions, providing details about the attacker and other known attack-related information.
Tactics refer to the overall strategies used by threat actors to infiltrate valuable systems and data. In simpler terms, tactics outline the "how" of cyber attacks.
To view the "Detection by Tactic" report, which presents these details in a graph view categorised by tactics and filtered for the past 7 days, follow these steps:
Navigate to: Activity > Detection by Tactic.
If you have any questions regarding any of these detections, submit new SOC ticket.