Understand the Principal (User) events surrounding a CDR finding with Principal Event History. 

When investigating a new CDR finding, without the context surrounding it, it can be hard to discern whether the intention behind it was legitimate.

Now, customers can see the principal's events before and after the finding to determine whether the principal was performing actions that were part of an attack or just routine business activity. 

Principal event history is available on the findings contextual view for all CDR findings where event history is available.  🎥 See a short video here.

Provide any feedback on this feature directly from the link provided at the bottom of the Principal History tab on the findings contextual view.