Which alert type is considered critical for immediate attention in a Cortex XDR environment?

In a Cortex XDR environment, alerts that are classified as critical indicate situations that require immediate attention and action from security teams. This classification typically involves incidents that pose an imminent or severe threat to the organization's security posture, such as attempted breaches, active attacks, or vulnerabilities that are being exploited in real-time.

Critical alerts are escalated above other types because they highlight urgent risks that could lead to significant adverse effects if not addressed swiftly. Upon receiving a critical alert, it is essential for security professionals to prioritize these incidents to mitigate potential damage, protect sensitive data, and ensure overall system integrity.

In contrast, other alert types, such as information, warning, and low, denote varying levels of urgency or severity but do not require the same immediate response as critical alerts. Information alerts generally provide insights or observations that do not indicate an action is required, warnings suggest caution but may not necessitate urgent action, and low alerts typically represent less severe issues or informational messages that can be addressed at a later time.