Supported Capabilities
General Query
You can ask general "How to" or "What is" questions about the Endpoint Security product, as well as incident-specific questions about a specific account or specific endpoints.
Sample Prompt
- What do you recommend to harden my security configuration at Endpoint Security?
- What is the best practice for policy configuration?
- How should I optimize my security configuration?
- List the policy rules that detect the most active attacks.
- Identify the top 5 users with high/critical logs.
- Show me top 3 devices with issues.
- Is there any suspicious network activity?
- List all critical events from IP <IP_address>.
- List all events from machine <MACHINE_NAME>.