Create Alert Suppression Rules
XDR provides the ability to create alert suppression rules. To learn more about creating and managing alert suppression rules, visit the following guide:
Create Custom Alert Rules
Create custom alert rules in XDR to alert you when specific criteria that you set are detected. This feature gives your security team the flexibility to create rules specific to your environment and allows further customization of your internal capabilities.
Because custom alert rules vary greatly from customer to customer, our analysts are unable to monitor your custom rules. Therefore, if you implement custom rules, you must have internal resources and processes to manage the corresponding alerts.
To learn more about creating and managing custom alert rules, visit the following guide:
Set up Automation Using Playbooks
Automation in XDR takes over tasks that would otherwise be manual, easing common challenges such as a lack of resources and time to handle them. This gives you more time to investigate and respond to suspicious activity efficiently.
Secureworks creates connectors to supported IT tools within your environment. These connections allow us to take read and write actions across your infrastructure, with your approval. You then create playbooks, each of which represents a series of actions and logic that is specific and configurable to your organization. These playbooks take action on your network automatically, removing the need for manual intervention.
Learn more about automation using playbooks by reviewing the following resources: