Investigate

The Investigate tab provides a comprehensive interface for monitoring and managing security threats that Cloud Detection and Response (CDR) discovers in real time across your infrastructure. This dashboard enables security analysts and IT professionals to track, analyze, and respond to security findings in real time from a single view.

Summary Cards

The dashboard header contains four key metric cards:

  1. SEVERITY
    • Displays severity distribution of security findings
    • Provides quick visibility into critical issues
  2. ACCOUNTS/SUBSCRIPTIONS/PROJECTS
    • Shows security findings across different organizational units
    • Helps identify affected resources
  3. LAST 7 DAYS THREATS
    • Presents a weekly overview of security threats
    • Enables trend analysis and pattern recognition
  4. TOP 10 ASSETS WITH THREATS
    • Lists the most vulnerable or targeted assets
    • Helps prioritize security responses

Data List

The main data list screen has multiple columns that present the security findings collected from CDR.

The available columns are:

DETECTED ON - Displays the exact date and time when the threat was detected.

TITLE - A descriptive name of the security finding.

SEVERITY - The severity associated with the threat.

CLASS : CATEGORY - Describes the nature of the threat, for example whether it is API activity or cryptojacking.

AFFECTED RESOURCE - Describes the assets affected by this finding.

CLOUD IDENTIFIER - Describes which cloud provider is affected by this finding.