Automated Threat Alerts | Voters

296

Automated Threat Alerts

under review (next candidate)

Ken Carnesi

Automatic alert when a threat/malicious activity is detected by DNSFilter at one of your sites.

February 21, 2018

Nigel

Triggered alerts would be a great addition, or much wider integrations into common PSA platforms such as Autotask

Luke

There should also be a generated auto-alert option for certain categories of website are triggered with the ability to choose which categories and where the email alert is sent per site. For example, when using DNS filter for students it would be great to have a more live-update on if anything especially inappropriate or red-flag inducing were accessed to then pass along to that school's staff who attempted to access it, what website it was, what category it hit/why it was blocked, and with a date and time stamp.

Neil

As a newcomer to DNSFilter, I don't understand why this is still under review, 5 years later?...

Darrin

This would be much easier if there was an integration with ConnectWise Manage.

Steve

marked this post as

under review (next candidate)

Andre

Immediate automated alerting is much needed for high priority activity. As stated in other comments, if for example malware is reaching out to a C&C domain, we would need to be alerted immediately with pertinent details for investigation and remediation.

Aliese

marked this post as

open

Mikey @DNSFilter

Merged in a post:

More alerting options

Brad

IT would be useful to be able to receive email alerts for certain types of malicious traffic.
It would also be very useful to set alerts for malicious traffic based on timeframes. 
For example, admins should be alerted to malicious traffic detected during off-hours.

March 28, 2022

Mohamed

Nice

Scott

Will this potential feature also include regular scheduled summaries/digests of blocked sites? It would be good from customer perspective to provide them with a high level report of what has been successfully blocked over the course of say 30 days. If they need further detail then can access the portal and drill in to the detail.

Mikey @DNSFilter

Scott: we are currently working on an update to our reporting system which will include scheduled emails as you requested. We’ll offer weekly or monthly emails sent to any number of email addresses. These automated threat alerts are geared for real time events where you want immediate notice. An example: one of your users visits a known ransomware site. DNSFilter will block the site if you have threats blocked but you may want to know so you can educate the user how to spot phishing emails.

I hope that helps and look for the new reporting to launch later this year.

→