Include what caused the alert in "CRITICAL - ISOLATED - Incident" tickets
P
Phillip Blackwell
We should at least be informed what was detected in these tickets.
1. Huntress creates emergency alert ticket w/ client primary contact as the contact
2. Huntress isolates workstation, says it will take up to 30 min to investigate, no other details.
3. Then tell us the MSI is approved and a false alarm, without mentioning the msi name or path at all.
4. Auto closes ticket
- We open a ticket with Huntress to find out what it was so we can inform the client as they are going to ask