OpenText Core Threat Detection and Response is a security platform that uses behavioral analytics and machine learning to detect insider threats, credential misuse, and anomalies. The system continuously baselines normal behavior across users and entities to identify deviations that indicate potential security risks. The platform employs unsupervised machine learning to automatically learn organizational behavior patterns without requiring manual tuning or additional agents. It analyzes behavioral severity, frequency, and peer comparisons to dynamically score and prioritize threats, helping security teams focus on genuine risks rather than false positives. The solution provides context-rich alerts with explanations of detected anomalies, visual investigation dashboards with timelines and entity heat maps, and behavioral threat indicators to support threat hunting activities. It identifies malicious insiders, negligent behavior, compromised accounts, abnormal access patterns, privilege misuse, and suspicious data movement. The platform integrates with Microsoft ecosystem components, ingesting telemetry from Microsoft Defender for Endpoint and Entra ID to enhance detection capabilities. It is designed to reduce alert fatigue for security operations center teams and accelerate investigation workflows through automated behavioral analysis and risk-based prioritization.