Investigations page

Anomaly Detection has a dedicated page that lists potential anomalous incidents with their location, cluster, file details, and snapshot time. If you have Cyber Recovery (discussed in a later section) enabled, objects that are part of a recovery plan will be grouped under that recovery plan.

By looking at this page, you now have an understanding of which systems and applications have been affected by the cyber attack.

Now, let's dive deeper into which folders and files are impacted.

PreviousVisibility into the attack NextDetermining blast radius