Which engine, of the following, in Cortex XDR determines the most relevant artifacts in each alert and aggregates all alerts related to an event into an incident?
Which engine, of the following, in Cortex XDR determines the most relevant artifacts in each alert and aggregates all alerts related to an event into an incident?
The Causality Analysis Engine in Cortex XDR is responsible for determining the most relevant artifacts in each alert and aggregating all alerts related to an event into an incident. This functionality helps in reducing alert fatigue and allows for more efficient incident response by grouping related alerts together into a single incident for further investigation.
From CXPAD: The Causality Analysis Engine determines the most relevant artifacts in each alert and aggregates all alerts related to an event into an incident.
B is the right answer. Check: Ref.: Ref.: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM/Cortex-XSIAM-Administrator-Guide/Concepts
pg . 12