Campaign summary sidebar

The Campaign summary sidebar is expanded by clicking a campaign card on the Campaigns page.

Top section

At the top of the sidebar are a number of items:

  • Click the cancel/close to close the sidebar.

  • Click the View details angle right button to access the Campaign details page and a full view of all the available details of the campaign.

  • The number of Hosts affected by the campaign is displayed.

  • The number of Threat types involved in the campaign is displayed.

Actions

Campaign name

Click the edit icon to optionally edit the Campaign name.

State

Select the triage status of the campaign from the pull-down menu. Select from Open, In progress, Updated, or Done.

Assignee

Select the responsible analyst from the pull-down menu. The default is Unassigned.

First seen array Last seen

A graph with the timestamp from when the evidence was first and last seen.

The Duration is displayed below the graph.

Attack stages seen

The Attack stages seen widget displays the attack stages, highlighting the current campaign attack stage(s). Hover over a highlighted activity to view a pop-up with more information about the stage.

Hosts affected

The Hosts affected widget displays the hosts that are involved in the selected campaign. Click the IP address link to view the Host profile page (for some entries, this may be EMAIL with no link). Click View hosts angle right to see details about the hosts on the Hosts tab.

Threats

The Threats widget displays the current threats detected in the selected campaign. The severity of the threat is indicated by the color code: red for high, yellow for medium, and blue for low. Click View threats angle right to view detailed information about the campaign on the Campaign timeline tab.