The Detections screens provide access to realtime information about the following detection categories.
|
Detection Categories |
Description |
|---|---|
|
Affected Hosts |
Hosts that have been involved in one or more phases of a targeted attack. For details, see Affected Hosts. For details about the Host Severity scale, see Host Severity. |
|
Network Detections |
Hosts with detections from all event logs, including global intelligence, user-defined lists, and other sources. For details, see Network Detections. |
|
Email Messages |
Email messages that contain malicious or suspicious content, embedded links, attachments, or social engineering attack related characteristics. For details, see Email Messages. For details about email message risk levels, see Email Message Risk Levels. For details about email message threat type classifications, see Email Message Threat Type Classifications. |
|
Quarantined Messages |
Email messages that have been quarantined because they meet certain policy criteria. For details, see Quarantined Messages. For details about quarantine reasons, see Quarantine Reasons. |
|
Correlated Events |
Events that show one or more attack patterns derived from the correlated data of multiple detections in your network. For details, see Correlated Events. Note:
Review and understand for which protocols Deep Discovery Director - Network
Analytics provides correlation data, and why it might not display any
correlation data.
|