Views:

The Workbench app displays the alerts triggered by detection models.

After you enable alerts and begin to receive activity data from your supported products, TrendAI Vision One™ analyzes the data and triggers alerts for matched detection models. You can prioritize your response to alerts based on the alert scores and begin an in-depth investigation directly from the console.

Procedure

  1. Go to Workbench.
  2. Examine and prioritize the alerts for further investigation based on the alert Score provided.
    TrendAI Vision One™ calculates the alert score based on the Model severity and Impact scope.
  3. Click the Workbench ID of an alert to view the summary details.
    The workbench details screen provides the following information:
    • Summary: An overview of the detection model, impact scope, and detection time
    • Highlights: A list of the event objects that triggered the alert
      Tip
      Tip
      Click any of the events to highlight the specific objects in the Observable Graph.
    • Observable Graph: A visual representation of the objects that triggered the alert and the relationships among objects
  4. Right-click any object in the Observable Graph to display the context menu, which provides additional options based on the object type.