Viewing BDE detections on the Alerts screen

On the Alerts screen, you can tell detections from the Behavioral Detection Engine (BDE) apart from detections that come from the legacy rule sets.

Detections from the legacy rule sets have "Custom" or "MitreCA" in the Classification column and the MITRE TTPs in the Description column.

Screenshot showing legacy alerts in the Alerts screen.

Detections from BDE have the MITRE details in the Classification and Sub-classification columns.

Screenshot showing examples of BDE detections in the Alerts screen.