Details page
The details page shows the set of fields that apply to the alert's type.
Actions dropdown
- Acknowledge
- Unacknowledge
- Close
- Create Alert Rule For This Alert
- Alert Trace
Summary
- What happened
- The possible cause of the alert
- The suggested solution for the alert
Actor details
- Source: Details about where the activity was initiated
- Communication: The communication protocols detected
- Destination: Details about the targeted asset
Map
A map view that shows both the source and the destination of the alert, placing it in a real-world context.
Playbook
If applicable, a playbook will be created from a template that has been defined by an administrator. The template guides you on how to best respond to the alert. You can edit an alert's playbook to collaborate with your colleagues and record the progress in resolving the alert.
Additional details
This section gives more context about the reported activity. Vantage displays the relevant details for this specific type of alert, and other fields are marked n.a.
MITRE ATT&CK for ICS Techniques Detection
This section is shown when Vantage is able to provide information about the technique and attack tactics as defined in the MITRE ATT&CK Framework.
Timeline of events
This section shows all events that are related to this alert.
Comments
This section lets you add or read comments about this alert.