=====================
Response
=====================

Overview
---------------------

Based on your alerts and patterns, DTonomy will recommend actions for you to respond to your security issues. 
Via integrations, you can create automated response. 

AI Recommendation 
---------------------

Our AI engine analyzes all the detections you have and provides recommendations on actions you should take. 

.. image:: /picture/response/recommendation.png
    :width: 600pt


Response Automation  
---------------------

You can create response automation via automation engine. In response, we provide different response to different types of artifacts. 

* response to alert 
* response to ip 
* response to user 
* response to machine  
* response to file
* response to registry 
* response to url 
* response to case



Under different types, the workflows will execute actions to different types of artifacts. 

.. image:: /picture/response/responsetypes.png
    :width: 600pt


Here are a few automation examples:

Block Ip
^^^^^^^^^^^^^^^^^^^^^^

We have a set of block ip actions you can use for systems in your environment. 

.. image:: /picture/response/blockip.png
    :width: 600pt


Reset Password
^^^^^^^^^^^^^^^^^^^^^^

Reset password is needed if a user is suspected to be malicious. 

.. image:: /picture/response/resetpassword.png
    :width: 600pt


Send Email
^^^^^^^^^^^^^^^^^^^^^^

Communication is important in security analysis and response. We support multiple communications channels such as Slack, Gmail, Outlook etc.  

.. image:: /picture/response/sendemail.png
    :width: 600pt

Create Ticket
^^^^^^^^^^^^^^^^^^^^^^

If you have a centralized ticket database, you can connect to create a ticket. 

.. image:: /picture/response/createticket.png
    :width: 600pt


Task 
---------------------

In our platform, you can create tasks and assign them to different owners. 

.. image:: /picture/response/createtask.png
    :width: 600pt