Rule Details

Here you can find a summary of the rule.

Rule—The name of the rule

Author—The name of the user who was logged in at the time the rule was created

Last Edit—Date of the last edit of the rule

Category—Category name that you can find among category tags in the Edit Rule section

Severity—Shows the severity of the detection: Threat, Warning, or Info

Severity Score—More precise definition of severity: 1-39 > Info, 40-69 > Warning, 70-100 > Threat

Explanation—Explanation of the behavior of the file

Malicious Causes—What can be the result of the file's execution

Benign Causes—What could be the harmless approach to the file

MITRE ATT&CK™ TECHNIQUES—If the rule contains a MITRE ATT&CK™ technique ID, it is shown here; otherwise, none

Rerun Tasks—The number of rerun tasks containing this rule

Exclusions—The number of exclusions created for this rule

Tags—Used to tag the computer. After choosing this option, a new window for editing tags opens. In the Select field, you can type a new tag or select an already existing one. You can also use the button at the bottom of the screen to show the list of assigned tags.