Streaming telemetry feed across identity, endpoint, and cloud domains. Anomalous events are flagged with an amber indicator. Click any event to inspect its cluster and drive all panels.
Events ingested0
Anomalies detected0
Stream interval1.2–2.2s
Identity sources—
Endpoint agents—
Cloud connectors—
Noise filtered—
Evidence Graph
ℹinfo
Evidence Graph
Interactive node-link visualization mapping entities (users, hosts, IPs, processes, cloud services) and their relationships. Nodes highlight when a cluster is selected. Hover for details.
Nodes0
Edges0
UserHostIPProcCloud
Operator Control
MTTR
—
Mean time to resolve
Hunts / 24h
—
Automated + manual
FP Rate
—
False positive rate
Activity Log
No operator actions recorded.
Agent Reasoning
Select an event to view agent reasoning.
Reasoning Chain
Evidence Artifacts
Confidence
—
Trust & Drift
—
Trust Score
Awaiting analysis
Confidence
—
Evidence
—
Signals pending
Uncertainty Flags
Model Drift
—
⚠ Deploy Detection Rule
This will push the generated detection to production. Untuned rules may cause false positives and alert fatigue. Ensure suppression rules and thresholds are reviewed.