- Get Started with Threat Center
- Threat Center
- Threat Center Permissions
- Threat Center Alerts: Read
- Threat Center Alerts: Read, Write, and Delete
- Threat Center Cases: Read
- Threat Center Cases: Read, Write, and Delete
- Threat Center Detection Grouping Rules: Read
- Threat Center Detection Grouping Rules: Read, Write, and Delete
- Threat Center Watchlist: Read
- Threat Center Watchlist: Read, Write, and Delete
- Threat Center Cases
- Threat Center Alerts
- Threat Center Detections
- Threat Center Risk Score
- Configure Threat Center
- Monitor Entities of Interest in Threat Center
- Work on Cases
- Work on Alerts
- Edit and Collaborate in Threat Center
- Use Automation Tools in Threat Center
- Find Cases and Alerts
- View Case and Alert Metrics
- Get Notified About Threat Center
- Threat Center APIs
PrevNext
Configure Threat Center
Customize how Threat Center works. Configure detection grouping logic, case stages, case queues, and the case closed supporting reason.
Automatically group related detections with detection grouping rules.
Case stages indicate where you are in your response to a threat.
Assign cases to groups of users and share your workload with Threat Center case queues.
Configure Case Closed Supporting Reason
Make the case closed supporting reason mandatory or optional.