Enterprise EDR: Is There A Way To Tell Which Component Of An IOC Triggered An Alert?
search cancel

Enterprise EDR: Is There A Way To Tell Which Component Of An IOC Triggered An Alert?

book

Article ID: 290241

calendar_today

Updated On:

Products

Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Is There A Way To Tell Which Specific Component Of An IOC Triggered An Alert?

Environment

Enterprise EDR (Formerly CB ThreatHunter) Web Console: All Versions

Resolution

No. Currently there is no way to tell which component(s) were responsible, only the name of the IOC involved

Additional Information

A feature request has been added over inĀ 'Idea Central' on the UeX, at the following link. Please feel free to vote on this...

https://community.carbonblack.com/t5/Idea-Central/Enterprise-EDR-Add-the-ability-to-determine-which-component-of/idi-p/94589#M10237

Powered by Wolken Software