Skip to content

About a case#

In this section you can find information about cases.

A case provides information on suspicious activity in the environment. It provides information on the security incidents, observables, alerts, and affected users. Security analysts can conduct specific analysis based on cases to assess the possibilities of threats.

Cases can be created from various sources. Each security case consists of a title, tags, task rules, obsevable rules a description of case details, and all the details related to the case that help in building an argument for identifying and dealing with particular threats.