Chapter 5. Triaging Alerts

Any event that triggers your threat intelligence thresholds will trigger an alert. These alerts are how you are notified that an event needs your attention. HCP provides a graphics user interface (GUI) to view these alerts. This GUI is a standalone user interface that connects to Elasticsearch to show the alerts but also store all other data in the browser cache. This chapter covers launching and using the Alerts user interface to identify and track cybersecurity issues: