Forum Discussion
No Automated Investigation Triggered for High Severity Incident
Hi Community, I’ve noticed an issue where no Automated Investigation and Response (AIR) was invoked for a high-severity incident and alert on a device that belongs to a device group configured with ...
Samething for us. No blocking of registry changes or c2 blocking after running malicious script with win + R