For folks trying to interpret a NDR Sensor FLOW detection, we have an announcement Understanding NDR FLOW based detections that provides instructions on how to interpret the data and a Live Discover report that can be setup.
This is only the first step in work being done here. In addition to making the Live Discover report available to all customers as published Sophos Live Discover report we will be updating the detection record itself to leverage the Description details to provide a summary of the top contributor to the detection. We expect the changes to the Description field to be available in early March.
The Description field will be added to the top level record information.
You can also find the description in the details for the record.
Added clarification on where the description will be shown in the Detections page
[edited by: Karl_Ackerman at 2:45 PM (GMT -8) on 13 Feb 2023]