Using the Offenses tab, you can investigate offenses, source and destination IP addresses, and network behaviors.
JSA can correlate events and flows with destination IP addresses located across multiple networks in the same offense and the same network incident. You can effectively investigate each offense in your network.
You can investigate offenses, source and destination IP addresses, and network behaviors.
- Click the Offenses tab.
- Double-click the offense that you want to investigate.
- On the toolbar, select Display >Destinations.
You can investigate each destination to determine whether the destination is compromised or exhibiting suspicious behavior.
- On the toolbar, click Events.
The List of Events window displays all events that are associated with the offense. You can search, sort, and filter events.