Query: Investigate activities linked to threats

Description

Discover activities linked to detected threats to improve incident response and trace the sequence of events. Correlating activities with threats provides crucial context, allowing security teams to understand how the threat was handled, which actions were taken, and whether any follow-up steps are required to fully remediate the issue.

Query

Tables used in this query:

• sentinelone_activity

SQL