SOC Queue FAQ

What happens if I mark an Alert as "Done"?

Marking an alert as done will remove it from the default SOC Queue view.

Can I delete leads if they are incorrect or benign?

Use Ignore Rules to ignore matching activity. They prevent new and existing matching activity from generating leads and retroactively remove any leads already generated.

If I delete leads, what happens to any related stories?

Stories will change when leads are deleted. For more information, click here.

What happens if I apply Custom scoring? Does it modify existing leads or just affect new leads?

Custom scoring only affects leads that were generated after the custom rule was created; custom scoring rules are not retroactive.

What happens when I enable or disable alerts for a specific Lead?

Alerts are added to and removed from the SOC Queue retroactively, with the exception of custom scoring changes, which are not retroactive. Changes made to the alerting configuration will affect the alert population in the SOC Queue.

Why can’t I delete/share/edit a tab?

Limitations on the SOC Queue tabs are a result of your assigned user role. Contact your Hunters platform administrator to learn more.