About the Detections Screen

The Detections screen provides access to realtime information about the following detection categories.

Table 1. Detections

Detection Categories

Description

Affected Hosts

Hosts that have been involved in one or more phases of a targeted attack.

For details, see Affected Hosts.

For details about the Host Severity scale, see Host Severity.

Network Detections

Hosts with detections from all event logs, including global intelligence, user-defined lists, and other sources.

For details, see Network Detections.

Email Messages

Email messages that contain malicious or suspicious content, embedded links, attachments, or social engineering attack related characteristics.

For details, see Email Messages.

For details about email message risk levels, see Email Message Risk Levels.

For details about email message threat type classifications, see Email Message Threat Type Classifications.

Correlated Events

Events that show one or more attack patterns derived from the correlated data of multiple detections in your network.

For details, see Correlated Events.

Note:
Review and understand for which protocols Deep Discovery Director - Network Analytics provides correlation data, and why it might not display any correlation data.