Response

Overview

Based on your alerts and patterns, DTonomy recommends actions for responding to your security issues. Through integrations, you can create automated responses.

AI Recommendation

Our AI engine analyzes all the detections you have and provides recommendations on actions you should take.


Response Automation

You can create response automation via the automation engine. We provide different responses for different types of artifacts:

  • response to alert
  • response to IP
  • response to user
  • response to machine
  • response to file
  • response to registry
  • response to URL
  • response to case

Depending on the type, the workflow executes its actions against the corresponding type of artifact.


Here are a few automation examples:

Block IP

We provide a set of block IP actions that you can use with the systems in your environment.


Reset Password

A password reset is needed if a user is suspected to be malicious.


Send Email

Communication is important in security analysis and response. We support multiple communication channels, such as Slack, Gmail, and Outlook.


Create Ticket

If you have a centralized ticket database, you can connect to it to create tickets.


Task

In our platform, you can create tasks and assign them to different owners.
