Carbon Black Cloud: What is the difference between Threat Alerts and Observed Alerts?
search cancel

Carbon Black Cloud: What is the difference between Threat Alerts and Observed Alerts?

book

Article ID: 288696

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

What is the difference between Threat and Observed Alerts?

Environment

  • Carbon Black Cloud Console: Alerts page

Resolution

  • Threat Alerts are highly likely to be malicious based on our Analytics
  • Observed Alerts are behaviors which may be useful for conducting investigations but not clearly malicious from gathered data
Powered by Wolken Software