- Install the Threat Response module and deploy packages to endpoints. See Installing Threat Response. If you are upgrading Threat Response, see Upgrade the Threat Response version.
- Upload threat data. You can deploy this data to endpoints. See Adding intel.
- Create configurations of Threat Response components to apply to specific groups of endpoints. See Creating configurations.
- Orchestrate configurations into a profile and assign the profile to one or more computer groups. See Creating profiles.
- Connect to an endpoint, review data, and drill down to specific events. See Connecting to live endpoints and exploring data.
- Examine other endpoints. See Searching across the enterprise.
- Retrieve data from endpoints that have been compromised. See Collecting data from endpoints.
- Quarantine any compromised endpoints. See Isolating compromised endpoints.
Last updated: 1/10/2020 11:34 AM | Feedback