You can investigate specific artifacts and assets on dedicated views related to IP address, Network Assets, and File and Process Hash information.
From the Incidents view, open the Key Assets & Artifact tab to see the assets and artifacts that are associated with the incident, including hosts, IP addresses, and users. Icons represent properties of the artifacts and assets. Hover over an icon for more information. Click the more options icon to drill down in dedicated views, or take actions on the asset or artifact. The Key Assets & Artifact tab shows the following information:
Artifacts
To aid you with threat investigation, Cortex XDR displays the WildFire-issued verdict for each key artifact in an incident. To provide additional verification sources, you can integrate external threat intelligence services with Cortex XDR. For more information, see External integrations.
Assets
Displays Hosts and Users details. For hosts with a Cortex XDR agent installed, click on the host name to see more information in the Details panel.