This widget displays the detection logs generated by the Endpoint Sensor Attack Discovery feature based on the risk level for the specified period.
Important:
This feature requires that you have valid Endpoint Sensor policies deployed to endpoints.
Click the Rule Name to display a detailed view of the detection and all the related objects. You can trigger a Historical Investigation on all related objects by clicking the Assess Impact button.
Note:
A Historical Investigation can only perform an assessment based on specific criteria types. If you perform a Historical Investigation from the Attack Discovery Detections Widget, the investigation disregards objects for which no data is available.