Managed Detection: Will the Managed Detection Team Still Review an Alert if it has been Dismissed?
search cancel

Managed Detection: Will the Managed Detection Team Still Review an Alert if it has been Dismissed?

book

Article ID: 285402

calendar_today

Updated On:

Products

Carbon Black Cloud Managed Detection (formerly Cb Threatsight)

Issue/Introduction

Will the Managed Detection team still review an alert if it has been dismissed from the Alerts page?

Environment

  • CBC Web Console: All Versions
  • Managed Detection: Optional Add-on Subscription

Resolution

Regardless of the alert Severity, if the alert has been dismissed within two hours of it entering the Managed Detection console then it will not be reviewed nor triaged by the Managed Detection team.  It is assumed that the customer in question has already reviewed the alert at that point and will take action.

Additional Information

If an alert has a Severity that is less than 8 then the alert may be reviewed and triaged some time after the two hours depending on alert volume within the console.
Powered by Wolken Software