Describe the feature: Add a field to Endgame rules to include a risk score to show when the rule is triggered, this will assist with prioritizing these alerts.
Description of the problem:
When many different types of alerts appear it is difficult to prioritise which to look at first or to easily identify if they that signal is a critical risk.
The alerts should have this identifier to assist analysts in identifying which rules could be the most likely to detect malicious behaviors.
This risk score should also have a column in the lists for Threats and Adversary Behaviors so that it can be sorted by this number.
This would be similar to the risk score for the SIEM signals.