Escalations
Escalations
An alert is a collection of events that are correlated into a single incident. The Escalations page provides users details and access to the triggering events captured from
CylancePROTECT
and CylanceOPTICS
. Each alert that was escalated displays as a separate escalation on this page and can be assigned to you or another group member. You can add comments to escalations to communicate with CylanceMDR
analysts about the threat.If your organization is subscribed to
CylanceMDR
Standard or Advanced, analysts monitor your alerts for you and will escalate them to you if they require your attention. When an analyst identifies a threat and escalates it in your organization, designated groups in your organization are notified and you can view them on the Escalations page. If your organization is subscribed to
CylanceMDR
On-Demand, you must manually request CylanceMDR
support from the Alerts page in the Cylance
console. These requests are escalated to CylanceMDR
analysts so that they can investigate. You can follow up on these requests from the Escalations page in the CylanceMDR
(CylanceGUARD) portal.On the Escalations page, you can do the following:
- Click an alert or escalation in the list to view its details.
- Enter keywords in the search field to filter the alerts.
- For advanced search, click
.