Learn Editor: Update app-governance-anomaly-detection-alerts.md

gayasalomon · gayasalomon · commit 9ea39e53d3be · 2024-12-03T11:50:23.000+02:00
diff --git a/CloudAppSecurityDocs/app-governance-anomaly-detection-alerts.md b/CloudAppSecurityDocs/app-governance-anomaly-detection-alerts.md
@@ -44,10 +44,16 @@ Following proper investigation, all app governance alerts can be classified as o
 
 - **True positive (TP)**: An alert on a confirmed malicious activity.
 - **Benign true positive (B-TP)**: An alert on suspicious but not malicious activity, such as a penetration test or other authorized suspicious action.
-- **False positive (FP)**: An alert on a nonmalicious activity.
+- **False positive (FP)**: An alert on a non-malicious activity.
 
 ## General investigation steps
 
+### Finding App Governance Related Alerts
+
+To locate alerts specifically related to App Governance, navigate to the XDR portal alerts page. In the alerts list, use the "Service Source" field to filter alerts. Set the value of this field to "App Governance" to view all alerts generated by App Governance.
+
+### General Guidelines
+
 Use the following general guidelines when investigating any type of alert to gain a clearer understanding of the potential threat before applying the recommended action.
 
 - Review the app severity level and compare with the rest of the apps in your tenant. This review helps you identify which Apps in your tenant pose the greater risk.
