User Profile & Settings
profile settings notifications
User Profile & Settings has your basic profile and preferences for Secureworks® Taegis™ XDR. To access it, select your user icon in the top right of the screen and choose User Profile & Settings.
Opening User Profile & Settings
Tip
Expand and collapse sections on the right of the page by selecting the arrow at the top right of each section.
Profile ⫘
The Profile section displays basic information about your user account:
- Name — Your first and last names
- Select Edit to update these fields and then select Save.
- Phone Number(s) — Your primary and secondary phone numbers
- Select Edit to update these fields and then select Save.
- Include the country code and area code with your phone number. Examples:
+15123919854or+(1)512-3919854 - Add an Extension if needed.
- Status — Your registration status for XDR
- Invited — Added as a user but email not verified
- Registered — Added as a user and email verified
Support PIN ⫘
See Access Your Support PIN for more information.
Language ⫘
Set your language for the application and email notifications to English or Japanese - 日本語.
Theme Settings ⫘
Choose a dark or light appearance for the application.
Reset Preferences ⫘
Choose Reset Preferences to reset all user settings throughout XDR to default.
Customize Your View ⫘
Choose your desired landing page from the drop-down menu, which displays only the options available to your user role. Once selected, your landing page displays whenever you log in to XDR.
Set Landing Page
Tenants and Roles ⫘
- Tenant Name and ID — The tenants to which you belong
- Assigned Role — The access level you have within the associated tenant
- Role Status — Your role status for the associated tenant, either Active or Inactive
Time Zone ⫘
Set the time zone to control the time and date displayed within XDR to match your location or to match a corporate server time zone setting to help align logs between systems. Your selection applies to your user account only in all tenants to which you have access.
Note
Your time zone selection only affects the display of data; raw logs are not affected and remain stored in UTC time.
Time Zone
By default, the time zone is set to UTC to match the standard manner logs are stored in XDR. The time zone drop-down menu always displays the first option as UTC and the second as your local time zone pulled from your browser settings. Select your preferred time zone or choose the checkbox to Default to browser/system settings automatically to inherit this from your browser settings and match your local time zone no matter your location.
Important
Time zone is a personal user setting affecting only your display of data which may differ from other users, including Secureworks users who view all logs in UTC.
Security Settings ⫘
To reset your multi-factor authentication for XDR, follow these steps:
Note
If you no longer have access to your multi-factor app, see Log In to XDR for additional authentication options.
- From the Security Settings section of User Profile & Settings, select Reset Authenticator.
Note
This option is not available if you access XDR via SSO.
-
Confirm your action by selecting OK.
-
On the Setup Authenticator form, follow the instructions to scan the QR code with your preferred authenticator app and complete the registration process. If you are unable to use the QR code, select Unable to scan QR code? and follow the instructions to copy a secret string into your preferred authenticator app and complete the registration process.
Setup Authenticator
- Once you have added the account to your authenticator app, select OK.
Important
Once you select OK to reset the authenticator, your previous authenticator and codes are invalidated.
- Confirm you have saved the new authenticator by selecting OK.
Confirm Authenticator
Preview New Features ⫘
Select your preview preference for new XDR features. Preview features are still in development and are being constantly updated. For more information, see What is XDR Preview?
Notification Preferences ⫘
Use the Opt-out of all notifications toggle to opt out of or in to email notifications of all types.
Configure specific email notification types using the appropriate toggles.
Notification Preferences
Note
By default, you will receive both group and individual Investigations email notifications. Regardless of these settings, you will continue to receive in-app notifications for both group and individual Investigations events.
Reports and Downloads ⫘
| Notification Setting | Description |
|---|---|
| A report (e.g., PDF) is ready for download | Enable or disable email notifications when a report is ready for download. |
| A data export (e.g., CSV) file is ready for download | Enable or disable email notifications when a data export file is ready for download. |
CTU Threat Intelligence Reports ⫘
| Notification Setting | Description |
|---|---|
| Tips on emerging threats | Enable or disable email notifications for a daily analyses of emerging threats, curated security news relevant to customers, and updates on security concerns currently being investigated by Secureworks Counter Threat Unit™ (CTU) researchers. |
| Advisories on Secureworks-identified threats | Enable or disable email notifications for time-sensitive information pertinent about threats impacting most Secureworks customers, high-profile threats (e.g., NotPetya), and high-criticality threats (e.g., Microsoft Windows zero-day vulnerabilities). |
| Threat Analyses about select malware and threats | Enable or disable email notifications for detailed technical analyses of persistent attack tradecraft, threat group activity, threat scenarios, or country assessments. |
Investigations ⫘
| Notification Setting | Description |
|---|---|
| I’m assigned to an Investigation | Enable or disable email notifications when an Investigation is assigned to you. |
| I’m mentioned in a comment | Enable or disable email notifications when you are @mentioned in an Investigation comment. |
| Automatic investigations change summary | Enable or disable daily email notifications that summarize which alerts were appended automatically to an investigation. |
Group Investigations ⫘
| Notification Setting | Description |
|---|---|
| My team is assigned an investigation | Enable or disable email notifications when an Investigation is assigned to your team by Secureworks. |
| My team is mentioned in a comment | Enable or disable email notifications when your team is @mentioned in a comment by Secureworks. |
Automations ⫘
| Notification Setting | Description |
|---|---|
| Playbook notifications on investigations | Enable or disable email notifications for playbook activity related to investigations. |
| Playbook notifications on alerts | Enable or disable email notifications for playbook activity related to alerts. |
| Excessive playbook executions | Enable or disable email notifications for excessive playbook executions. The default value for trigging this notification is 2,000 concurrently running playbooks within a tenant, or 4,000 for MSSP Partner tenants. Contact support to adjust this setting. |
Health Status ⫘
| Notification Setting | Description |
|---|---|
| The status of a data collector changes | Enable or disable email notifications when a Taegis™ XDR Collector is offline. |
| Collector endpoint certificate is about to expire or expired | Enable or disable email notifications sent 90, 60, 30, and 10 days before the certificate used to configure your XDR Collector's eStreamer-eNcore or TLS enabled Syslog application expires, and then daily through the expiration date and for ten days after. |
| Status of an endpoint integration changes | Enable or disable email notifications when the status of an endpoint integration changes. |
| Status of a data source changes | Enable or disable email notifications for a daily summary of data sources that have not sent data in more than 24 hours. |
| Assets are deemed unhealthy* | Enable or disable email notifications when assets enter an unhealthy status. |
| Upcoming data collector maintenance | Enable or disable email notifications that alert you to upcoming data collector maintenance. |
*Unhealthy asset email notifications are sent on a daily basis at 19:30 UTC only to Tenant Admins.