This article explores the email notification functionality for escalated threats. These notifications play a vital role in threat escalation by streamlining communication and ensuring timely notification of critical security incidents identified by Intezer's Autonomous SOC Solution.
Email notifications for threats escalated by Intezer ensure that critical security incidents like ransomware are promptly communicated, helping your team cut through the noise and quickly take action to mitigate risks.
To use Intezer's Webhook functionality, read the documentation here about setting up the webhook to streamline delivery of alert triage results or escalated threats.
Key Benefits of Threat Escalation Notifications
Intezer's email notifications for threat escalation offer several advantages:
- Timely Alerts: Immediate notification of confirmed, serious threats allows for rapid response and mitigation.
- Actionable Recommendations: Clear instructions in the emails guide your team to take appropriate actions to mitigate risks.
- Stakeholder Awareness: Key stakeholders are promptly informed, enabling coordination and collaborative incident response efforts.
When Does Intezer Send Escalation Emails?
Intezer's system automatically sends an email when predefined criteria are met. By default, only unmitigated threats with high or critical risk levels will be escalated via email.
This ensures that emails are sent when critical incidents require immediate attention, but avoids filling up your inbox with notifications about every new alert.
Contents of Threat Escalation Emails
Intezer's email notifications provide essential information about the alert, for example:
- Threat name identified by Intezer
- Risk level determined by Intezer
- Mitigation status
- Creation time
- Summary of automated response actions performed by Intezer
- User recommended actions from Intezer
This is an example of an email notification about a threat escalated by Intezer:
Customizing Your Escalation Notification Preferences
By default, your administrators in Intezer will receive these escalation emails for confirmed, unmitigated threats with a high or critical risk level.
Each organization has unique requirements, so you can customize the email settings to align with your specific needs:
- Notification Preferences: Specify individuals or teams to receive email notifications based on roles or custom distribution lists.
- Risk Levels: Configure email escalation based on risk levels to ensure appropriate attention to different types of threats.
For any additional questions or customization requests, reach out to firstname.lastname@example.org