This rule is part of a beta feature. To learn more, contact Support.
extrahop

Classification: attack

Set up the ExtraHop integration.

Goal

Detect when ExtraHop raises a security risk event.

Strategy

Trigger notifications for security risk events detected by ExtraHop.

Triage and Response

  1. Review the detected log with title {{@title}} and risk score {{@risk_score}}.
  2. Determine the potential impact and legitimacy of the event. If the activity is deemed benign, log the event for future reference.