This feature requires special licensing.
Threat investigations use server metadata to quickly identify endpoints which are possible candidates for further analysis.
The following table describes the tabs on the Threat Investigation screen.
Tab |
Description |
---|---|
Assessment |
Use an assessment to perform the following:
Threat Investigation provides the following types of assessment:
(Worry-Free Services Advanced only) To switch to Email Assessment, click Emails. For more information, see Threat Investigation - Email Assessment. |
Root Cause Analysis |
If an assessment returns a match, administrators may generate a Root Cause Analysis to:
Generating a Root Cause Analysis may take some time to complete. Use the Root Cause Analysis tab to monitor the progress of the task. When the task completes, click the number in the Results column to view analysis results. |