EDR: Incorrect Report Score parameter in Alert on Alerts Triage Page
search cancel

EDR: Incorrect Report Score parameter in Alert on Alerts Triage Page

book

Article ID: 288517

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Report Score parameter in Alert is incorrect and does not match with Feed Report Score

Environment

  • EDR: All Supported Versions

Cause

Report Score in alert on Alerts Triage page, is not from Feed Report Score. It is Watchlist Report Score, and confused with Feed Report Score.

Resolution


This is to be fixed in future release and there is no Estimated Time of Arrival decided yet.

Additional Information

Example:
  • Customer created a watchlist from AlienVault Feed, to report on events where Feed Report Score is greater or equal to 80
  • Alert was generated, but the alert shows report score of 75

User-added image
Powered by Wolken Software