How to define priority contacts in case of an MDR alert?
Stoïk handles the analysis and processing of security alerts, but some situations require your direct action. For example:
- Reformatting a workstation after a confirmed infection
- Verification by the SOC: for example, if user X is using an unlisted tool Y, we will ask you to confirm its legitimacy
- Active Directory alert: if a compromised account is detected, an incident response plan must be triggered with our recommendations (network shutdown, disabling VPN accounts, etc.)
⚠️ Important: to ensure that our team can contact you quickly in the event of an alert, please make sure you enter your priority contacts in the Settings > Users tab.