...

The Entity Analysis provides the analyst with a set of metrics for investigation: the number of Behavior Alerts, the number of SecOps Alerts, the number of Total Alerts, the Most Critical Alerts, and the Related Associated Entities.

The MITRE tactics and MITRE techniques widgets help you understand how the entity's risk has increased over time. The MITRE tactics page displays the tactics associated with the entity's SecOps or Behavioral Alerts, while the MITRE techniques page displays the techniques associated with those alerts. Use these pages to see how far the entity has progressed through the ATT&CK framework and to build an attacker story.
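The metrics and MITRE views described above can be reproduced from a list of alert records. The following is an added example, not Devo's code or schema: it takes constructed alert records (field names such as `kind`, `severity` and `tactic` are assumptions) and derives, for one entity, the Behavior/SecOps/Total counts, the most critical alert, the related entities that share a technique, and the tactics seen in kill-chain order so an analyst can read the progression.

```python
"""Added example (not Devo's code): derive per-entity investigation metrics
and MITRE ATT&CK progression from alert records."""
from collections import Counter

# Constructed sample alerts. Field names are assumptions for this example.
SAMPLE_ALERTS = [
    {"entity": "host-17", "kind": "behavior", "severity": 2, "name": "Unusual logon hour",
     "tactic": "TA0001 Initial Access", "technique": "T1078"},
    {"entity": "host-17", "kind": "secops", "severity": 4, "name": "Credential dumping tool",
     "tactic": "TA0006 Credential Access", "technique": "T1003"},
    {"entity": "host-17", "kind": "secops", "severity": 3, "name": "Lateral movement via SMB",
     "tactic": "TA0008 Lateral Movement", "technique": "T1021"},
    {"entity": "host-17", "kind": "behavior", "severity": 1, "name": "New process for user",
     "tactic": "TA0002 Execution", "technique": "T1059"},
    {"entity": "user-bob", "kind": "behavior", "severity": 2, "name": "Login from new country",
     "tactic": "TA0001 Initial Access", "technique": "T1078"},
]

# ATT&CK Enterprise tactics in the order they appear in the matrix; used to
# express "progression" rather than the order alerts happened to arrive.
TACTIC_ORDER = [
    "TA0043 Reconnaissance", "TA0042 Resource Development", "TA0001 Initial Access",
    "TA0002 Execution", "TA0003 Persistence", "TA0004 Privilege Escalation",
    "TA0005 Defense Evasion", "TA0006 Credential Access", "TA0007 Discovery",
    "TA0008 Lateral Movement", "TA0009 Collection", "TA0011 Command and Control",
    "TA0010 Exfiltration", "TA0040 Impact",
]


def entity_metrics(alerts, entity):
    """Return the metrics the Entity Analysis view summarises for one entity."""
    mine = [a for a in alerts if a["entity"] == entity]
    kinds = Counter(a["kind"] for a in mine)
    # Most critical: highest severity; ties broken by alert name for determinism.
    most_critical = max(mine, key=lambda a: (a["severity"], a["name"]), default=None)
    my_techniques = {a["technique"] for a in mine}
    # Related entities: any other entity that triggered one of the same techniques.
    related = sorted({a["entity"] for a in alerts
                      if a["entity"] != entity and a["technique"] in my_techniques})
    return {
        "behavior_alerts": kinds.get("behavior", 0),
        "secops_alerts": kinds.get("secops", 0),
        "total_alerts": len(mine),
        "most_critical": most_critical["name"] if most_critical else None,
        "related_entities": related,
    }


def tactic_progression(alerts, entity):
    """Tactics observed for the entity, ordered by their position in ATT&CK."""
    seen = {a["tactic"] for a in alerts if a["entity"] == entity}
    return [t for t in TACTIC_ORDER if t in seen]


def techniques_by_tactic(alerts, entity):
    """Map each observed tactic to the sorted techniques seen under it."""
    out = {}
    for a in alerts:
        if a["entity"] == entity:
            out.setdefault(a["tactic"], set()).add(a["technique"])
    return {t: sorted(v) for t, v in out.items()}


if __name__ == "__main__":
    print(entity_metrics(SAMPLE_ALERTS, "host-17"))
    print(tactic_progression(SAMPLE_ALERTS, "host-17"))
    print(techniques_by_tactic(SAMPLE_ALERTS, "host-17"))
```

Ordering by the ATT&CK matrix position, rather than by alert time, is what lets an analyst read "initial access, then execution, then credential access, then lateral movement" as a story even when the detections fired out of order.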

...

Within the Alert History you can expand each alert to drill down into the alert definition and the context gathered when the alert triggered. Expanding an alert shows a description of what the alert detects, its LINQ query, and the associated data, which carries further useful context. To drill down further, click the magnifying glass button to pivot into Devo's data search window and view the raw events that triggered the alert.

Search for entities

There is an Entity Search box at the top of every page. Type a few characters and matching entities will be listed below the box as you type. Clicking an entity name in the results navigates to the Entity Details page for that entity.

...