Investigation

Modified on Wed, 03 Jan 2024 at 10:13 PM

1 - General definition


Investigation is the examination of endpoint activity (system, network...) within an IT estate in order to find malicious activity.


2 - Investigation with Nucleon


  

With the Nucleon platform, investigation lets you trace the execution flow of a malicious file in order to understand its behaviour on the system and network.

 

Investigation can be launched using two methods: 

  • From a Threat in the Overview tab:

  • From a particular event in Related events:



The red nodes correspond to blocked events, the orange ones to weak signals.

Each node can be clicked to display details of the event in question:
