Which piece of information is NOT typically found in the Detection Activity Report?

Prepare for the CrowdStrike Certified Falcon Responder Exam. Utilize flashcards and multiple-choice questions, complete with hints and solutions, to ensure your success.

The information typically found in the Detection Activity Report focuses on records pertinent to security incidents, including the actions taken during incident response, detection objectives, tactics employed, and severity levels of the detections identified by the Falcon sensor.

Detailed incident response actions are important because they provide context on how incidents were managed and resolved. Detection objectives and tactics describe the specific approaches used to identify threats, while severity levels indicate the extent of the threats detected, which assists responders in prioritizing actions accordingly.

In contrast, results of sensor health checks, while crucial for the overall maintenance and effectiveness of the sensors, do not fall within the scope of the Detection Activity Report. This report details detections and responses, not system health metrics. These results are therefore typically documented in separate reports focused on sensor performance and operational status.
