===================== Response ===================== Overview --------------------- Based on your alerts and patterns, DTonomy will recommend actions for you to respond to your security issues. Via integrations, you can create automated response. AI Recommendation --------------------- Our AI engine analyzes all the detections you have and provides recommendations on actions you should take. .. image:: /picture/response/recommendation.png :width: 600pt Response Automation --------------------- You can create response automation via automation engine. In response, we provide different response to different types of artifacts. * response to alert * response to ip * response to user * response to machine * response to file * response to registry * response to url * response to case Under different types, the workflows will execute actions to different types of artifacts. .. image:: /picture/response/responsetypes.png :width: 600pt Here are a few automation examples: Block Ip ^^^^^^^^^^^^^^^^^^^^^^ We have a set of block ip actions you can use for systems in your environment. .. image:: /picture/response/blockip.png :width: 600pt Reset Password ^^^^^^^^^^^^^^^^^^^^^^ Reset password is needed if a user is suspected to be malicious. .. image:: /picture/response/resetpassword.png :width: 600pt Send Email ^^^^^^^^^^^^^^^^^^^^^^ Communication is important in security analysis and response. We support multiple communications channels such as Slack, Gmail, Outlook etc. .. image:: /picture/response/sendemail.png :width: 600pt Create Ticket ^^^^^^^^^^^^^^^^^^^^^^ If you have a centralized ticket database, you can connect to create a ticket. .. image:: /picture/response/createticket.png :width: 600pt Task --------------------- In our platform, you can create tasks and assign them to different owners. .. image:: /picture/response/createtask.png :width: 600pt