The ENTITIES tab is a proactive threat hunting console. You can use behavioral filters to build use case driven target lists, and to continuously monitor the environment for specific risky behavior patterns.
*You can complete the tasks here.
- Begin an Investigation of High-Risk User Or Network Entity
- Investigate Top Alerts
- Filter Alerts
- Investigate Events
- Export a list of High-Risk User or Network Entity
The following figure shows the Entities tab.
To access this view:
Go to Investigate >ENTITIES.
The Overview tab is displayed.
The Users tab consists of the following panels:
|2||Risk Indicator Panel|
|3||User or Entity List panel|
The Filters panel lists two pre-defined filters, with the number of users associated with each in parentheses and the list of behavioral profiles that are saved as favorites.
Risk Indicator panel
The following table describes the risk indicator panel elements.
Entities List Panel
The Entities List panel displays the list of all the user or network entities in your environment along with the user or network entity score and number of alerts associated with the user or network entity.
The following table describes the Entities List panel elements.