How can you access related records for an active incident in the Microsoft Defender XDR portal?

In the Microsoft Defender XDR portal, to access related records for an active incident, using the greater than symbol next to the incident is the correct approach. This action typically expands the incident details to display additional related records that are associated with the incident.

When incidents are being managed in a security operations context, having quick access to related records is crucial for incident response and investigation, allowing analysts to gain insights into other alerts, activities, or entities tied to the initial incident. This design helps streamline the workflow, enabling security professionals to analyze the broader context and make informed decisions quickly.

The other options do not provide the appropriate method for accessing detailed related records for the incident in question. For instance, clicking a link or hovering over the incident may lead to different functionalities that do not specifically focus on revealing related records. Thus, recognizing the functionality of the greater than symbol within the portal enhances the efficiency of navigating through linked data.