Use the AI-powered Aurora Security Assistant to investigate alerts

You can use the AI-powered Aurora Security Assistant to provide a summary analysis of an alert group, and detailed analysis for process and script artifacts within an alert group. The Aurora Security Assistant leverages rich cybersecurity knowledge sources to provide valuable information to aid you in your threat investigations.

When you use the Aurora Security Assistant to generate an analysis of a script artifact, if your browser is set to a language that is supported by the Aurora Endpoint Security console, Aurora Security Assistant will generate the response in that language. You can change the language setting for Aurora Security Assistant by clicking the settings icon in the response panel.

Note:

Currently, the Aurora Security Assistant is available for Aurora Focus alerts only. Future updates will extend this functionality to other Endpoint Defense products and services.
Arctic Wolf does not use any customer data to train the AI that powers the Aurora Security Assistant.

In the management console, on the menu bar, click Alerts.
On the Product column, click and select Focus.

Click an alert group.


Task	Steps
Generate a summary analysis of the alert group.	In the left pane, in the Overview section, click Alert Summary. Click to copy the summary.
Generate an analysis of an instigating or target process or script for the alert group.	In the left pane, scroll down to view relationships between instigating and target objects. Hover over an instigating or target process or script artifact and click . Click to copy the analysis.
Generate an analysis of an instigating or target process or script for a specific alert in the group.	Click an individual alert in the alert group. In the right pane, scroll down to view relationships between instigating and target objects. Hover over an instigating or target process or script artifact and click . Click to copy the analysis.