Number of alerts form a incident in DATP console, so closing every single alert in painful, instead we can close the whole incident which closes the every alerts on DATP. this reduces lot of time for analysts. For now we can get details,update, close for single alerts. Similar has to be implemented for incidents as well. Bulk alerts can be closed at one shot. Seems like this is not a big change just enhancement. If you install the "Microsoft Security Graph Integration for Resilient " from app exchange, you can get details / update / close alerts from resilient. Microsoft had no API's for Incidents until last month, so using this integration only we can play with alerts. However Incident API's are also available now.