🌙
 

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Frequently Asked Questions

Account Management

How do I reset my password?

See Reset Your Password.

How do I reset my MFA?

See Reset Your Multi-Factor Authentication.

How do I add new users to my environment in Secureworks® Taegis™ XDR?

See Invite Users.

How do I remove users from my environment in Secureworks® Taegis™ XDR?

See Deactivate Users.

What are the supported MFA applications?

See Supported Multi-Factor Authenticator Applications.

How do I modify my email notification preferences?

See Notification Preferences.

How do I modify my theme?

See Theme Settings.

Secureworks® Taegis™ XDR Usage

How Does Secureworks® Taegis™ XDR Handle Encryption?

Data transferred in Taegis™ XDR browser sessions are transmitted with Hypertext Transfer Protocol Secure (HTTPS) and Transport Layer Security (TLS) encryption protocols that allow up to 2048 bit encryption. Secureworks uses a trusted certificate authority to issue a TLS digital certificate to inform users that the Taegis™ XDR session is secure. Customer data and/or confidential data is also encrypted in storage, and access to the cryptographic keys is restricted to authorized personnel.

What does Secureworks consider an “endpoint” to be?

The Secureworks® Taegis™ XDR license grants the licensee use of the Secureworks® Taegis™ XDR SaaS solution to protect the licensee’s entire IT estate (as described below) whether that be on-premise, at a hosting provider, in a private cloud, in a public cloud and/or consumed as a service.

To ensure visibility and effectiveness, it is required that the licensee cover their entire IT estate.

The licensee has the right to ingest data from all supported data sources defined in the Taegis™ XDR documentation, as listed in Available Integrations.

License Measurement:

The licensee’s entire IT estate is calculated by the number of endpoints that could host a supported agent, whether that agent be deployed on premises, hosted or in the cloud.

An “endpoint,” for this purpose, is defined as:

  • Any end-user computing instance (e.g., notebook, laptop, workstation, VDI instance)
  • Any physical server
  • Any virtual server
  • Any computing workload, which is defined by any installation of a server OS, such as:
    • Linux
    • Unix
    • macOS
    • Windows

For a full list of supported OS, please refer to Available Integrations.

Measurement:

Once an endpoint is counted, it is counted as live until it has not reported for at least 30 days.

Exclusions — The following are not defined as an “endpoint”:

  • External consultants’ devices which are not owned/managed by your organization
  • “Guest“ endpoints — such as a hotel guests’ devices, visitor/vendor devices
  • Storage-only systems (e.g., NAS, SAN and similar appliances)
  • Containers which are not supported by your endpoint agent of choice
  • Mobile Devices such as:
    • SmartPhones (Android / iOS)
    • Tablets (Android / iOS)
    • “Thin Terminals” (e.g., Wyse terminal) with limited compute, designed to connect to a Virtual Desktop
  • Network devices such as:
    • Firewalls
    • Routers
    • IDS/IPS
    • Gateways and Proxy systems
  • Systems running embedded Windows
  • OT/SCADA Systems that do not support the deployment of a supported endpoint agent

This content is subject to change.

Future changes, if necessary, will be updated here.

What is an Investigation?

An Investigation in Secureworks® Taegis™ XDR enables you to gather related information together. Other users in your tenant can see and participate in the investigation, including make comments, add related data, and change the status of the investigation.

What is a Genesis alert?

A Genesis alert is the first Alert that is used to start an investigation.

How do I start an investigation?

See Start New Investigations.

What are the supported integrations?

For a list of supported security controls that can be connected to Secureworks® Taegis™ XDR, see All Available Integrations.

How are unsupported syslog sources handled?

See Generic Syslog Data.

What is the user session timeout?

Users are automatically logged off after 60 minutes of inactivity.

Secureworks® Taegis™ ManagedXDR

Which alerts do Secureworks analysts look at with ManagedXDR?

With the exception of a few alerts, Secureworks analysts primarily look at Critical and High alerts.

Support

What are the different methods by which I can contact the analyst team?

Security analysts are available 24x7 through the in-application chat and ticket system. In addition, ManagedXDR Customers have access to Security Analysts via telephone.

How do I submit a ticket?

To submit a ticket:
  1. Select the help icon ( Help icon ) on the top right of the Secureworks® Taegis™ XDR menubar.
  2. Select Submit a Help Request.

How do I view submitted tickets for my organization?

To view in-process requests:
  1. Select the help icon ( Help icon ) on the top right of the Secureworks® Taegis™ XDR menubar.
  2. Select View Support Tickets.
  3. Select Organization Requests.

How do I create a HAR file for troubleshooting?

A HAR file logs the browser's interaction with a site to help better troubleshoot issues with Taegis™ XDR. To generate a HAR file to submit with your ticket, see Generating a HAR File for Troubleshooting in the Taegis™ Knowledge Base. If you are experiencing a login issue and cannot access the KB, see the Zendesk article Generating a HAR File for Troubleshooting.

How do I report a product issue or an outage to the support team?

To report an outage an appropriate ticket must be created. To create a ticket:
  1. Select the help icon ( Help icon ) on the top right of the Secureworks® Taegis™ XDR menubar. The help menu displays.

  2. Select Submit a Help Request to open the Support Desk in a new tab.

  3. Under ’Submit a Request’ choose Product Support Request or Report an Outage. Follow the prompts to complete your request.

How do I contact support if I am unable to log in to Taegis™ XDR?

Email taegis@secureworks.com. In addition, ManagedXDR Customers have access to Security Analysts via telephone.

How does Secureworks handle Support Requests awaiting a Customer’s response?

  • Any time Secureworks requires a response from a Customer, an email stating that a support request is pending is sent out.
  • If a Customer is unresponsive for 15 consecutive days, the support request is marked as solved. Prior to closing, multiple reminder emails are sent to the Customer.

Miscellaneous

What browsers are supported?

See Browser Requirements.

 

On this page: