Where can you find the number of files that would have been blocked based on Machine Learning Prevention settings?

The number of files that would have been blocked according to Machine Learning Prevention settings is found in the Investigate > Event Search > Audit > Machine-Learning Prevention Monitoring section. This section is specifically designed to provide insights into the actions that the Machine Learning model would have taken based on its assessment of file behavior. It allows security analysts to monitor potential threats and understand how the Machine Learning algorithms are interpreting file activities, ultimately enabling better-informed decisions about system security and response strategies.

This choice directly points to the audit capabilities of the platform, which are critical for analyzing machine learning effectiveness and understanding the landscape of potential threats that could impact system integrity. By focusing on this specific part of the interface, users gain valuable insights into preventable file activities as determined by the real-time and historical data processed by the Falcon platform’s machine learning capabilities.