Stale Endpoint with Critical Risk Apps and Threats and No Group

← All Findings

Vendor: SentinelOne Singularity XDR FIN-545 Weight: Confidence: Not Verified

What It Detects

MITRE ATT&CK Techniques

Comma-separated, e.g. T1078, T1190

Checks read-only

Field	Operator	Value
`Last Time Seen`	older than	14 days
`Critical Risk Apps List`	is not empty
`Threat List`	is not empty
`Asset Groups`	is empty

Remediation

Why It Matters

Notes read-only

LDG fields used:

Last Time Seen
Critical Risk Apps List
Threat List
Asset Groups