Last campaign endpoints

Description

This report shows a list of the top 300 endpoints (highest weighted scores) identified in the selected campaign. The list of endpoints is automatically refresh when a different campaign is selected from the dropdown.

The weighted score is the sum of (relevance x [confidence/4]) of every threat hunting analytics involved for the endpoint, during the last campaign.

The column “matching analytics” shows the number of analytics matching the endpoint for the last campaign.

Actions (links)

• Expand/collapse: click on each row to expand or collapse the details.

• Send to timeline: Send the endpoint to the timeline module.

• Send to Netview: Send the endpoint to the netview module.

• events: Send the PowerQuery associated to the select threat hunting analytic to SentinelOne.

• trend: Show the trend graph for the selected threat hunting analytic.

• admin: Open the selected threat hunting analytic in the admin backend for modification.