Managed Detection: What Alert Severities are Analyzed and Reported on?

Article ID: 287608


Products

  • Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
  • Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
  • Carbon Black Cloud Managed Detection (formerly Cb Threatsight)

Issue/Introduction

What alert severities are analyzed and reported on by the CB ThreatSight team?

Environment

  • Managed Detection (Formerly CB ThreatSight)
  • Carbon Black Cloud Console: All Supported Versions
    • Endpoint Standard (Formerly CB Defense)
    • Enterprise EDR (Formerly CB ThreatHunter)

Resolution

Alerts with a Severity Score of 5 or Greater

Additional Information

  • Alerts with a severity of 4 and below are not a focus for the Managed Detection team.
  • Alerts generated by Enterprise EDR Watchlists are not available to the Managed Detection team.
  • If an alert is considered a false positive, it is not sent to the customer.