Changes timeline

When a SOC analyst modifies the behavior of a detector, the change is logged to allow tracking and evaluation of whether the modification has improved or worsened the detector’s performance for that specific client. All changes made to a detector are available in the “Changes Timeline” tab, where analysts can review the full history of configuration adjustments.