Introduction
This article outlines the elements that make up an ARO. For more information on what an ARO is and how to work with them, visit our Knowledge Base chapter on AROs.
This article excludes the ARO Insights and Raw Data elements of an ARO, since they are not enabled by default. To learn more about these supplemental elements and how to enable them, visit ARO Insights & Raw Data for more.
Table of contents
Title
This section displays high-level information about the ARO, as well as some buttons you can use to work through the ARO to resolution. To learn about resolving, requesting help, or dismissing an ARO, see Working with AROs.
In the upper right, you can assign, watch or download the ARO.
Details
This section displays ARO’s “metadata”: the type, severity, status, organization, and timestamps. To learn more about ARO types and severities, see Getting to Know AROs.
Description
The description provides context to the security issue the ARO is reporting on.
The example description below is for an ARO that is reporting on a remote IP address that was found connecting to a local IP address via a Remote Desktop Protocol (RDP). This section will vary greatly depending on the issue the ARO is reporting on.
Mitigation Steps
This section provides clear and actionable steps to address the issue and resolve the ARO. Steps will vary from ARO to ARO, and you can check off each step as you complete them.
References
When available, references to credible reports, support articles, or other relevant content will be included in this section.
Activity
In the Activity section, you can view the history (status changes, requests for helps, etc.) of the ARO, as well as make, and view, comments and notes.
To learn now to make comments or notes, and how the ARO’s history is presented, see ARO Activity: History Comments, and Notes.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article