You have a Microsoft Sentinel workspace named SW1.
In SW1, you investigate an incident that is associated with the following entities:
* Host
* IP address
* User account
* Malware name
Which entity can be labeled as an indicator of compromise (loC) directly from the incident s page?
Raelene
17 days agoMerilyn
20 days agoAlex
21 days agoBilly
21 days agoDorthy
22 days agoBilly
24 days agoLetha
25 days agoMargart
26 days agoCory
1 months agoBobbye
23 days agoCatina
1 months agoSue
1 months ago