Ori Kanfer

Changes to Security Monitor Nomenclature for Warned and Denied Rules

Blog Post created by Ori Kanfer Employee on Nov 3, 2015

On November 16th A (new date is TBD for beginning of 2016) we are changing nomenclature for warned and denied rules metrics.

Warned will be renamed to Detected.

Denied will be renamed to Mitigated.


This change affects all areas of Security Monitor including Notifications.

If you are using email filters to monitor or filter based on these metrics (warned/denied) you should update your rules to accommodate this nomenclature change.

 

Here is a comparison of a sample email body content before and after the change:

 

Rule ActionToday

After the change on November 16

Warned

Metrics: (Warned(14.00)>=Threshold(10))

Metrics: (Detected(14.00)>=Threshold(10))

DeniedMetrics: (Denied(14.00)>=Threshold(10))Metrics: (Mitigated(14.00)>=Threshold(10))

 

 

 

 

 

 

Here is a sample notification email body with "Mitigated" instead of "Denied".

2015-11-03_15-16-41.jpg

Outcomes