As an Admin user, it's unclear if Alerts I see in the Dashboard that don't result in an escalation or incident have already been investigated by my teammates. I am unable to indicate where an internal review or ownership process is in progress. This is especially evident for alerts where the operational practice internally is in opposition with the typical standard of best practice, e.g., Firewall alerts that are investigated and won't be resolved.
The ideal solution would ensure it's obvious to other admins that it had been investigated and resolved internally, regardless of whether the policy or config is compliant with best practices.
Created by Ayryn Jones