Threat Detection Management
Manage rules for detecting threats with Threat Detection Management.
Threat Detection Management is the hub on New-Scale Security Operations Platform for the rules you use to detect threats. It centralizes all rules, both analytics rules and correlation rules, so you raise accurate, high-fidelity alerts with minimal noise and ensure you're surfacing what's important to your organization.
Analytics rules are rules that assess events for potential risk as a part of the analytics engine. With the statistical analysis and pattern recognition capabilities of the analytics engine, you can identify trends and deviations that may indicate a security risk.
Correlation rules are rules that automatically correlate an event to a specific result. If an event meets specific conditions, the correlation rule triggers and takes a certain action. With the if-then logic of correlation rules, you can monitor known anomalies, detect signature-based threats, and identify compliance violations.
Threat Detection Management is available for certain licenses only. Permissions determine what you're permitted to see and do in Threat Detection Management.