🌙

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

User Profile & Settings

profile settings notifications


User Profile & Settings has your basic profile and preferences for Secureworks® Taegis™ XDR. To access it, select the Profile icon from the Taegis Menu and choose User Profile & Settings.

You can adjust the settings to tailor your experience in the XDR application such as:

Opening User Profile & Settings

Opening User Profile & Settings

Tip

Expand and collapse sections on the right of the page by selecting the arrow at the top right of each section.

Profile

The Profile section displays basic information about your user account:

Support PIN

See Access Your Support PIN for more information.

Language

Set your language for the application and email notifications to English or Japanese - 日本語.

Theme Settings

Choose a dark or light appearance for the application.

Reset Preferences

Choose Reset Preferences to reset all user settings throughout XDR to default.

Customize Your View

Choose your desired landing page from the drop-down menu, which displays only the options available to your user role. Once selected, your landing page displays whenever you log in to XDR.

Set Landing Page

Set Landing Page

Tenants and Roles

Time Zone

Set the time zone to control the time and date displayed within XDR to match your location or to match a corporate server time zone setting to help align logs between systems. Your selection applies to your user account only in all tenants to which you have access.

Note

Your time zone selection only affects the display of data; raw logs are not affected and remain stored in UTC time.

Time Zone

Time Zone

By default, the time zone is set to UTC to match the standard manner logs are stored in XDR. The time zone drop-down menu always displays the first option as UTC and the second as your local time zone pulled from your browser settings. Select your preferred time zone or choose the checkbox to Default to browser/system settings automatically to inherit this from your browser settings and match your local time zone no matter your location.

Important

Time zone is a personal user setting affecting only your display of data which may differ from other users, including Secureworks users who view all logs in UTC.

Security Settings

To reset your multi-factor authentication for XDR, follow these steps:

Note

If you no longer have access to your multi-factor app, see Log In to XDR for additional authentication options.

  1. From the Security Settings section of User Profile & Settings, select Reset Authenticator.

Note

This option is not available if you access XDR via SSO.

  1. Confirm your action by selecting OK.

  2. On the Setup Authenticator form, follow the instructions to scan the QR code with your preferred authenticator app and complete the registration process. If you are unable to use the QR code, select Unable to scan QR code? and follow the instructions to copy a secret string into your preferred authenticator app and complete the registration process.

Setup Authenticator

Setup Authenticator

  1. Once you have added the account to your authenticator app, select OK.

Important

Once you select OK to reset the authenticator, your previous authenticator and codes are invalidated.

  1. Confirm you have saved the new authenticator by selecting OK.

Confirm Authenticator

Confirm Authenticator

Preview New Features

Select your preview preference for new XDR features. Preview features are still in development and are being constantly updated. For more information, see What is XDR Preview?

Notification Preferences

Use the Opt-out of all notifications toggle to opt out of or in to email notifications of all types.

Configure specific email notification types using the appropriate toggles.

Notification Preferences

Notification Preferences

Note

By default, you will receive both group and individual Investigations email notifications. Regardless of these settings, you will continue to receive in-app notifications for both group and individual Investigations events.

Reports and Downloads

Notification Setting Description
A report (e.g., PDF) is ready for download Enable or disable email notifications when a report is ready for download.
A data export (e.g., CSV) file is ready for download Enable or disable email notifications when a data export file is ready for download.

CTU Threat Intelligence Reports

Notification Setting Description
Tips on emerging threats Enable or disable email notifications for a daily analyses of emerging threats, curated security news relevant to customers, and updates on security concerns currently being investigated by Secureworks Counter Threat Unit™ (CTU) researchers.
Advisories on Secureworks-identified threats Enable or disable email notifications for time-sensitive information pertinent about threats impacting most Secureworks customers, high-profile threats (e.g., NotPetya), and high-criticality threats (e.g., Microsoft Windows zero-day vulnerabilities).
Threat Analyses about select malware and threats Enable or disable email notifications for detailed technical analyses of persistent attack tradecraft, threat group activity, threat scenarios, or country assessments.

Investigations

Notification Setting Description
I’m assigned to an Investigation Enable or disable email notifications when an Investigation is assigned to you.
I’m mentioned in a comment Enable or disable email notifications when you are @mentioned in an Investigation comment.
Automatic investigations change summary Enable or disable daily email notifications that summarize which alerts were appended automatically to an investigation.

Group Investigations

Notification Setting Description
My team is assigned an investigation Enable or disable email notifications when an Investigation is assigned to your team by Secureworks.
My team is mentioned in a comment Enable or disable email notifications when your team is @mentioned in a comment by Secureworks.

Automations

Notification Setting Description
Playbook notifications on investigations Enable or disable email notifications for playbook activity related to investigations.
Playbook notifications on alerts Enable or disable email notifications for playbook activity related to alerts.
Excessive playbook executions Enable or disable email notifications for excessive playbook executions. The default value for trigging this notification is 2,000 concurrently running playbooks within a tenant, or 4,000 for MSSP Partner tenants. Contact support to adjust this setting.

Health Status

Notification Setting Description
The status of a data collector changes Enable or disable email notifications when a Taegis™ XDR Collector is offline.
Collector endpoint certificate is about to expire or expired Enable or disable email notifications sent 90, 60, 30, and 10 days before the certificate used to configure your XDR Collector's eStreamer-eNcore or TLS enabled Syslog application expires, and then daily through the expiration date and for ten days after.
Status of an endpoint integration changes Enable or disable email notifications when the status of an endpoint integration changes.
Status of a data source changes Enable or disable email notifications for a daily summary of data sources that have not sent data in more than 24 hours.
Assets are deemed unhealthy* Enable or disable email notifications when Endpoint Agents enter an unhealthy status.
Upcoming data collector maintenance Enable or disable email notifications that alert you to upcoming data collector maintenance.
Upcoming NDR appliance maintenance Enable or disable email and in-app notifications about upcoming maintenance on NDR Devices.

*Unhealthy asset email notifications are sent on a daily basis at 19:30 UTC only to Tenant Admins.

 

On this page: