Parameter | Description |
---|---|
IDs | List of threats IDs. |
"Status","Threat Details","Confidence Level","Endpoints","Incident Status","Analyst Verdict","Reported Time (UTC)","Identifying Time (UTC)","Detecting Engine","Initiated By","Classification","Agent Version On Detection","Agent Version","Hash","Path","Completed Actions","Pending Actions","Reboot Required","Failed Actions","Policy At Detection","Mitigated Preemptively","External Ticket Id","Account","Site","Group","Originating Process"
"Marked as suspicious","ransomware.exe","Malicious","DESKTOP-HR2345","In Progress","True positive","Oct 15, 2024 03:27:19 PM","Oct 15, 2024 03:27:05 PM","['On-Write Static AI']","Agent Policy","Ransomware","24.1.2.145","24.1.2.145","8f5e6d9c2a1b4c7e3f9a8b7d6c5e4f3a2b1c9d8e","\Device\HarddiskVolume2\Users\jsmith\Documents\ransomware.exe","['quarantine', 'kill']",False,False,False,"protect",False,"789","50127 - GLOBEX","Security Operations - Production","Finance Department","firefox.exe"
Was this page helpful?