You are a security analyst for your company. The IT Team has deployed Elastic agents on your infrastructure, including endpoints, firewalls… those agents are collecting logs, metrics and security related data for months.

One morning, you open Kibana and discover that some alerts have been thrown. Is that a real threat?