Correlate Different Types of XDR Stories for the Same Source:
You can now see at a glance all the stories related to a source IP, including stories created by different XDR engines. This lets you easily extend your investigation into both the network and endpoint. For example, easily review Threat Prevention and Endpoint Alert stories that were created on the same host.
- This option is available by selecting Source IP in the Group By dropdown menu in the Stories Workbench
For more information, see Reviewing Detection & Response (XDR) Stories for Your Account