Update Threat Analyst Verdict
Change the verdict of a threat, as determined by a Console user.
Parameters
| Parameter | Description |
|---|---|
| New Analyst Verdict | The new analyst verdict. Options: <br/>false_positive<br/>suspicious<br/>true_positive<br/>undefined<br/> |
| Threats IDs | List of threats IDs to update their analyst verdict. |
Example Output
{
"errors": [
{
"type": "object"
}
],
"data": {
"affected": "integer",
"details": [
{
"result": "updated",
"threatId": "225494730938493804"
}
]
}
}
Workflow Library Example
Update Threat Analyst Verdict with Sentinelone and Send Results Via Email
Preview this Workflow on desktop