How to define priority contacts in case of an MDR alert?

Stoïk handles the analysis and processing of security alerts, but some situations require your direct action. For example:

  • Reformatting a workstation after a confirmed infection

  • Verification by the SOC: if user X is using an unlisted tool Y, we will ask you to confirm its legitimacy

  • Active Directory alert: if a compromised account is detected, an incident response plan must be triggered with our recommendations (network shutdown, disabling VPN accounts, etc.)
