Threat Triage Examples
Threat triage rules identify conditions in a data source's data flow and associate an alert score with each of those conditions.
The following are some examples of threat triage rules:
- Rule 1
Suppose you want to receive an alert score of 5 whenever a threat intelligence enrichment type is alerted.
- Rule 2
Suppose you want to receive an alert score of 10 whenever the URL ends with neither .com nor .net.
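
The two rules above evaluated against constructed messages, as an added example that is not part of the original page. The field names `url` and `threat_intel_hits`, applying Rule 2 to the URL's host name rather than the raw string, and taking the highest matching score when both rules fire are assumptions; the page does not specify them.

```python
from urllib.parse import urlsplit

def host_of(url):
    """Lower-cased host name of a URL, without port, path, query or trailing dot."""
    parts = urlsplit(url if "://" in url else "//" + url)
    return (parts.hostname or "").rstrip(".")

def rule1_threat_intel_alerted(msg):
    # Assumption: enrichment hits arrive as a list under "threat_intel_hits".
    return bool(msg.get("threat_intel_hits"))

def rule2_not_com_or_net(msg):
    # Test the host, not the raw URL: "http://example.com/index.html" ends in
    # ".html", so a plain string suffix check would fire on every URL with a path.
    # Assumption: a message with no URL does not trigger the rule.
    host = host_of(msg.get("url", ""))
    return bool(host) and not host.endswith((".com", ".net"))

# (name, condition, score): the scores 5 and 10 are the ones given on the page.
RULES = [
    ("Rule 1", rule1_threat_intel_alerted, 5),
    ("Rule 2", rule2_not_com_or_net, 10),
]

def triage(msg, aggregate=max):
    """Return (alert score, names of matched rules); the score is 0 if none match."""
    matched = [(name, score) for name, cond, score in RULES if cond(msg)]
    score = aggregate(s for _, s in matched) if matched else 0
    return score, [name for name, _ in matched]

# Constructed sample messages (not from the page).
SAMPLES = [
    {"url": "http://example.com/index.html", "threat_intel_hits": []},
    {"url": "https://login.example.org:8443/a?b=c", "threat_intel_hits": []},
    {"url": "http://EXAMPLE.NET./", "threat_intel_hits": ["constructed-list"]},
    {"url": "http://files.example.ru/x.com", "threat_intel_hits": ["constructed-list"]},
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(m["url"], triage(m))
```

Passing `aggregate=sum` shows how the final score changes when matching rules are added together instead of capped at the highest one.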