Forum Discussion

Christo De Lange's avatar
Christo De Lange
Brass Contributor
Oct 09, 2019

Responding to alerts limitations

This is more a suggestion to Microsoft unless I am missing a trick 🙂

 

When responding to alerts in Cloud App Security, you don't have the option to mark that you are investigating the alert, only options to dismiss, resolve or adjust policy.

This causes multiple Analysts to investigate the same alert. We need some way of showing that someone is actively investigating the alert, and avoid people thinking the alert is new.. (Similar to options available in Windows Defender ATP alert responses.)

Resources