Alerts have two origins. Typically, alerts are generated whenever a Unit21 detection tool (like a rule) flags an object, like an entity.
However, your organization can also send alerts generated from your in-house detection systems.
The /alerts endpoint can create, list, and update alerts.