An alert is a collection of events that are correlated into a single incident. The Escalations page provides users details and access to the triggering events captured from
CylanceOPTICS. When an analyst identifies a threat, they escalate the alert so that designated groups in your organization are notified about them and view them on the Escalations page. Each alert that was escalated displays as a separate escalation on this page and can be assigned to you or another group member. You can add comments to escalations to communicate with
CylanceGUARDanalysts about the threat.
On the Escalations page, you can do the following:
- Click an alert or escalation in the list to view its details.
- Enter keywords in the search field to filter the alerts.
- For advanced search, click .