Alert Logic Intelligent Response offers Simple Response automation, which allows you to respond automatically to common threats. While enabling the Simple Response automation, you have the option to require human approval for actions the Alert Logic automation suggests. The following workflow details describe what happens to an automation request as it is created, responded to, and deployed.
Customer Approval Workflow
- The customer has enabled a Simple Response option within the Alert Logic console, including enabling Apply exclusions and identifying users who will receive approval requests during the setup process. Simple Responses are enabled at (navigation menu) > Respond > Automated Response > Simple Responses > + Simple Response icon ().
- When a Simple Response action is identified and fired by Alert Logic, each identified approver is sent an email notification with the details and the option to approve or reject. All approvers who also have the Alert Logic mobile application are sent a push notification with the same options.
- The first approver to see the Simple Response notification and act on it – whether an approval or rejection – dictates what happens to the Simple Response action. Once the request has been approved or rejected, other approvers will not be able to approve or reject. If no approver sees or acts on the request within six hours, the request is automatically rejected.
Note: If at any point you would like to roll back an action taken via Simple Response approval, you can manage that in the Alert Logic console at > Respond > Automated Response > Simple History. - When an approver responds to the Simple Response request, the action is immediate. If rejected, the request is removed from the Approvals queue and no more action is taken. If approved, the requested action immediately takes place.
Additional Resources
For additional information on Intelligent Response, see these Alert Logic support resources:
- Intelligent Response for Managed Detection & Response
- Alert Logic Mobile Application
- Intelligent Response Simple Responses Automation Types
- Intelligent Response Simple Responses Workflow
- How do I log in to the Alert Logic mobile app?
- Intelligent Response Keyword Glossary
- Intelligent Response Frequently Asked Questions
- Get Started with Automated Response
- Get Started with Simple Responses
- Simple Response Configuration Guide
- Exclusions
Comments
0 comments
Please sign in to leave a comment.