We are looking to find a report that shows us the time between threat and threat response or closing. This is a means of addressing KPI's on a security control. So if it is a High or Critical threat, it is addressed within 2 hours, if it is Medium to Low, it is addressed within 12 hours. Is there anything like that in Alert Logic?
we can search through each individual incident and look at threat time and close time but that takes too long.
Please sign in to leave a comment.