What is Broad Context Detection? - F-Secure Community
<main>
<article class="userContent">
<p>What is Broad Context Detection?</p>
<p>Broad Context Detection makes it easier to understand the scope of a targeted attack by visualizing detections on a timeline that includes all impacted hosts, relevant events and recommended actions. The service uses real-time behavioral, reputational and big data analysis to automatically place detections into context, taking into account risk levels, affected host criticality and the prevailing threat landscape.</p>
<div>
<ul>
<li>Natively designed for real-life orchestrated, polymorphic attacks</li>
<li>Incidents are placed in the context of prevalent situations</li>
<li>Combines risk level, affected device groups and prevailing threat landscape</li>
<li>Detects root causes based on a flow of disparate events from a multitude of hosts</li>
</ul>
</div>
<p>Broad Context Detection is supported by a machine learning engine that learns to distinguish attacks from the noise. All past decisions (false positive/true positive) form a training set for the engine. Each new detection is evaluated against these historical detections to determine how likely it is to be a false positive.</p>
<div id="related">
<strong>Related information</strong>
<ul>
<li><a rel="nofollow" href="https://community.f-secure.com/atp-en/kb/articles/5746">What data does the F-Secure Elements Endpoint Detection and Response sensor collect?</a></li>
<li><a rel="nofollow" href="https://community.f-secure.com/atp-en/kb/articles/5753">What kind of response capabilities are available in F-Secure Elements Endpoint Detection and Response?</a></li>
<li><a rel="nofollow" href="https://community.f-secure.com/atp-en/kb/articles/5754">What other functionality other than detecting threats is available in F-Secure Elements Endpoint Detection and Response?</a></li>
</ul>
</div>
</article>
</main>