Automations
In the Automations page, you can configure Infinity XDR Extended Detection & Response/XPR
Extended Prevention & Response to take prevention actions automatically when an incident is generated with a specified confidence and severity. Currently, the automatic response supports adding indicators to IoC Management.
For example, you can configure the automatic response that all IoCs with severity High and above must be added to IoC Management with the Enabled status.
|
Notes:
|
To configure an automatic response:
-
Go to Policy > Automations.
-
Enable the toggle button.
-
Select the required threshold (Confidence and Severity level).
|
Note - If the IoC is a file that matches the configured threshold, and if it is detected in a machine with Harmony Endpoint Security client installed, the file will be quarantined by Harmony Endpoint. |