Alert Runbooks
Run alert triage on Panther built-in Rules or Policies

Overview

Panther provides alert triage documentation for most of the Rules and Policies found in our built-in Detection Packs. On the triage sub-pages, you will find information on:
  • Determined alert risk and remediation levels
  • The Rule or Policy's purpose and what should be monitored for each detection
  • Remediation triage steps
  • References from related external AWS documentation

Alert triage for built-in Policies and Rules