This rule is part of a beta feature. To learn more, contact Support.
extrahop

Classification:

attack

Goal

Detect when ExtraHop raises a security risk event.

Strategy

Trigger notifications for security risk events detected by ExtraHop.

Triage and Response

  1. Review the detected log with title {{@title}} and risk score {{@risk_score}}.
  2. Determine the potential impact and legitimacy of the event. If the activity is deemed benign, log the event for future reference.