#status/elaborate

Alert Prioritization Framework

Important

To define the priority, two factors need to be taken into account:

  • Confidence: How certain are you in the rule will show malicious activity?
  • Severity: What is the potential impact of the threat?

Relevant Note(s):