Review the list of threat events - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-10-07
Category
Administrator Guide
Abstract

Review a curated list of zero-day exploits and global threat events in the Threat Response Center.

Navigate to DetectionAttack SurfaceThreat Response Center to view the complete list of threat events. The list is sorted by the Last Updated date.

For each event in the list, Cortex XSIAM displays the following information, enabling you to quickly identify which events are the highest priority for your organization.

  • Severity Score—This is the highest CVSS score of the CVEs associated with the event.

  • Threat Name and Brief Description

  • Active Alerts—Number of your organization's active alerts related to this event.

  • CVEs—Number of CVEs related to this event.

  • Affected Software—Names of the software affected by this event. The threat event details page lists the affected versions.

  • Last Updated date

threat-response-center.png

You cannot generate a report directly from the Threat Response Center, but the visualizations at the top of the Threat Response Center page are available for customer report generation in the Widget Library. To find the Widget Library, navigate to DashboardsWidget Library in the main menu on the left.