SaaS Alerts' Office Hours | 12.03.24
HTML-код
- Опубликовано: 6 фев 2025
- Russia's Cyber Threat Actor Crackdown
The team discussed the recent crackdown on cyber threat actors by Russia, with some speculating that it might be politically motivated. They also discussed the potential impact of this crackdown on cybercrime, with some suggesting that it could lead to a shift in criminal activities. The team also touched on the topic of bots on social media, with one member noting a decrease in their followers. The conversation ended with a mention of China, North Korea and Iran, suggesting that these countries might not be as focused on cybersecurity as Russia.
SaaS Alerts Integration and Capabilities
Erick, Ben, Enrique and Logan discussed the integration of SaaS Alerts with Kaseya. They clarified that SaaS Alerts remains independent and can be used alongside Kaseya without any changes. They also mentioned that SaaS Alerts can be integrated into RocketCyber, but this is not a bundled product. The team also discussed the potential for more data and monitoring capabilities if SaaS Alerts and RocketCyber systems were to interface.
Double Billing and Contract Renewal
Erick, Logan, Ben, Enrique, and Peter discussed Erick's double billing issue, which involved payments to both Kaseya and another entity. They agreed to work on resolving this issue, with Logan suggesting that Erick involve his Kaseya account manager. They also discussed Erick's upcoming meeting with Kaseya's head of product, Mike Sanders. Peter raised a concern about his contract with SaaS Alerts, which is due to renew in 20 months, and whether his price would increase significantly. The team agreed that prices usually increase by 5% after three years, but the exact impact on Peter's contract was not confirmed.
Implementing Graphus for Phishing Detection
The team discussed the implementation of Graphus, a new tool for managing emails and detecting phishing attempts. Erick shared his experience with Graphus, noting its effectiveness in detecting phishing attempts and its user-friendly interface. Enrique, who recently started using Graphus, expressed his positive impressions and asked for guidance on reporting phishing attempts. The team also discussed the possibility of setting up a separate user account for Graphus to manage reported phishing attempts.
Thread Translates for Customer Support
Enrique discusses using a tool called Thread that automatically translates between Spanish and English for his customer support team in Mexico. The tool provides summaries in the native language and can translate live conversations. Enrique recently hired a team in India and appreciates their flexibility in handling Spanish tickets using the translation tool, rather than sending them back to him.
Alerts Integration and Ticket Creation
Enrique and Ben discussed the integration of alerts with Halo PSA. Enrique expressed concern about the creation of tickets and the ability to specify the priority level. Ben confirmed that it was possible to set up the system to create tickets of specific priority levels, although he was unsure of the exact process. They also discussed the upcoming improvements to the email ingestion for tickets, which would reduce the need for follow-up notes. Towards the end, they examined a new feature in the system that allows for custom mapping of urgency levels.
Handling Noisy Alerts and Custom Sources
Ben and Enrique discuss how to handle noisy alerts in their monitoring system. They consider adjusting the severity level of certain alerts to prevent them from creating tickets. Ben suggests creating a custom source for these alerts and setting up a workflow rule to automatically close low-severity tickets from that source. However, Enrique encounters an issue where he cannot create custom sources in the system. They plan to open a support ticket to investigate the issue. Enrique also mentions that after unpausing the alert queue, no new alerts are being processed, and they troubleshoot a potential error related to an invalid team setting.
Managing Alerts and Integrations Challenges
Ben and Enrique discussed the management of alerts and integrations for their system. Enrique proposed creating a shared mailbox inside the tenant to receive Managed SaaS Alerts via Azure APIs web hooks. Ben agreed and mentioned that they could also send alerts to personal emails or a ticketing system. They also discussed the issue of auto responders from ticketing systems stripping out important information, and Ben shared his solution of creating a new ticket in their system. Enrique suggested using a template for Autotask responses to avoid creating new tickets. They also discussed the challenge of blocking auto responders without blocking legitimate emails. Ben mentioned his ongoing work on improving the system's ability to identify and assign tickets correctly.
![Felix "Unfair" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/Oswujxm2Ag0/mqdefault.jpg)
