Extrahop security risk detected

This rule is part of a beta feature. To learn more, contact Support.
extrahop

Classification:

attack

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Goal

Detect when ExtraHop raises a security risk event.

Strategy

Trigger notifications for security risk events detected by ExtraHop.

Triage and Response

  1. Review the log detected with title: {{@title}} and with risk score: {{@risk_score}}.
  2. Determine the potential impact and legitimacy of the event. If the activity is deemed benign, log the event for future reference.