Learn how to change the risk level of events right from the Event overview table
In Safetica NXT, you can quickly and effectively optimize the detection of risky events while investigating operations that were performed in your environment. You can change the risk level of individual events and decide whether they are Risky or Safe directly in Data Security > Overview in the Event overview table:
1. Click the that appears in the Risk level column after you hover the mouse over a particular event.
The feature is not available for aggregated events.
2. Click the option shown in the drop-down menu.
3. The form for detection rule creation appears. The criteria will be filled in automatically based on the respective event (except Rule name, File, File size, and Source).
More info about detection rule creation can be found here.
The newly created rule appears at the top of the Detection rules overview table in the Detection rules section, so it has the highest priority and takes precedence before all other rules.
After the new rule is created, risk level is recalculated for all past events. Applying these changes might take a few minutes.
Want to learn more? Read next: