Is there a report of response rates for threats for KPI's
We are looking to find a report that shows us the time between threat and threat response or closing. This is a means of addressing KPI's on a security control. So if it is a High or Critical threat, it is addressed within 2 hours, if it is Medium to Low, it is addressed within 12 hours. Is there anything like that in Alert Logic?
we can search through each individual incident and look at threat time and close time but that takes too long.
thank you
-
Official comment
Michael -
There is currently no report that will show you the data as you're describing. The Incident Workflow Explorer report, found in the Alert Logic console at Reports > Threats > Incident Analysis > Incident Workflow Explorer, will show you dates that incidents were closed, but does not include the more granular data you're looking for.
That said, I am going to move this post into our Feature Request forum and submit a request ticket to the Product team on your behalf. When we have news on this, we'll update you here.
If you have any further questions, please don't hesitate to ask!
-
Hi Michael,
Great question - let me dig into this and see what we've got for you. I'll reply here soon with details.
0
Please sign in to leave a comment.
Comments
2 comments