Investigations page

Anomaly Detection has a dedicated page that lists potential anomalous incidents with their location, cluster, file details, and snapshot time. If you have Cyber Recovery (discussed in a later section) enabled, objects that are part of a recovery plan will be grouped under that recovery plan.

Investigations Page

By looking at this page, you now have an understanding of which systems and applications have been affected by the cyber attack.

Now, let's dive deeper into which folders and files are impacted.