The Respond group, found within the navigation menu, houses the following pages:
Incidents
An incident is a series of events that have been identified by Alert Logic® analysts in our Security Operations Center as potentially worrisome and that may require your attention. You should take action to close all open incidents to maintain secure environments.
The Incidents page houses every incident identified within your environment by name and with detailed information. For more information on the Incidents page, see the Alert Logic Console Incident Features knowledge base article.
Exposures
Exposures are potential vulnerabilities detected in your environment. Manage your exposures by utilizing their corresponding remediations, which are also available on this page.
The Exposures page houses both exposures and remediations, as well as full details on specific exposures or remediations. Switch between viewing exposures or remediations with the Remediations / Exposures drop-down menu.
The left sidebar allows you to apply filters to the list of exposures or remediations, and the Sort By drop-down menu allows you to sort the data table by TRI Score (Remediations only), Severity (Exposures only), Exposure Instances, Affected Assets, and Name.
Health
Manage the health of your networks, appliances, and agents, as well as your health notifications.
Choose between viewing Unhealthy, Healthy, Disposed, and Concluded data in the top left corner of the Health page. The Networks drop-down allows you to filter the table for health data on Networks, Appliances, Agents, Hosts with No Agent, Collectors, and Subnets.
Filter data via the left-hand side filtering options, which include Protection Level, Platform, and Deployment options. As you choose filters, more filter options may appear to continue narrowing down your health data.
Automated Response
Enable and manage automatic responses to common threats.
Within the Automated Response page, you can create and maintain integrations with other technologies, review logs of the various actions taken through automated Simple Responses, enable exclusions of specific users, IP addresses, or hosts from Simple Responses, and review outstanding actions related to a Simple Response that Alert Logic is waiting for you to respond to.
For detailed information on each of these pages, see the Intelligent Response section of the Intelligent Response for Managed Detection & Response knowledge base article.