Security Center - CTDR Releases V2.0 Security Event Handling
Oct 30 2024
1. Alerts from hosts and containers can be handled by using the CTDR feature. After the alerts are handled, the alert status changes.
2. The 5W2H method is used to provide event descriptions, evidence timelines, provenance graphs, and multiple views of alerts. This improves the readability of events, the insight they provide, and the guidance for handling them. 5W2H refers to Who, What, When, Where, Why, How, and How Much.
3. Automated incident investigation and tracing based on alerts, entities, and Indicators of Compromise (IOCs) are supported.
4. The Alert page is optimized to unify global alerts and alerts from hosts and containers. On the Alert page, alerts are classified by the security service in which the alert logs are recorded.