Alert types to show off Continuous Monitoring

Question asked by Chalky_White on Nov 25, 2016
Hi all,

I can see value in this module, but so far only have a couple of port/vuln alerts set up, and I'm not too convinced that this can justify the £££££££ for the module.

What alerts are others using to really show this off? I've taken a look through some of the Information Gathered QIDs for our most vulnerable devices, and see nothing very unique that wouldn't trigger a mass of alerts, which would only turn colleagues off to this concept.

I'm thinking ideas such as "Mass storage device detected that does not match a certain Serial number batch", "Device with no Anti-virus detected".

Thanks, Tony