By default Security Analytics server uses a web server certificate generated by Security Analytics for HTTPS connection. Security Analytics also allows you to configure custom web server certificate to be used as Security Analytics server certificate. You can configure custom web server certificate even if PKI is not enabled. Supported…
This topic provides instructions for an analyst to create and manage custom column groups for displaying data in the Navigation > Events view. When viewing a list of events in Security Analytics Investigation > Events view, you can customize the way data is displayed by defining the meta to display in a column, the position of the column in…
In the Add Events to an Incident dialog, analysts can add alerts to an existing incident so that incident responders look at the associated events as part of an incident response. Related procedures are available in Manage Context Hub Lists and List Values in Investigation. To access this dialog, while investigating a service in the…
When analysts are viewing an event reconstruction in Security Analytics Investigation, the Actions menu has an option to extract files from the event being viewed and export them to an archive. Note: You can only export session files that you have permission to view or access. The file export function queries the service for all sessions…
Security Analytics Malware Analysis is an automated malware analysis processor designed to analyze certain types of file objects (for example, Windows PE, PDF, and MS Office) to assess the likelihood that a file is malicious. Using Malware Analysis, the malware analyst can prioritize the massive number of files captured in order to focus…
Loading...
in