Automated Threat Alerts
under review ( scoping )
R
Ryan Poppa
Merged in a post:
alert at new Domains
Peter
A big benefit would be an simple email alert if access to new domains is happen/blocked. A lot of phishing emails goes to new domains and they are a very high risk. In the last time 90% was really dangerous and we must teach this users.
The alert should also contain the source (Site/Roaming Client/Relay Source-IP)
Greg Gelman
I would love to see this in place as well. To receive an alert when a website is visited that is 'allowed' but gets through because administrators of DNSFilter may have not blocked the right category and is considered any level of 'Malicious' per the 'Malicious' category that DNSFilter is building. We would also love to get email alerted (with options for slack, pagerduty, etc.) when people visit a site that may be 'Blocked' for 1 reason or another.
Trevor Tungseth
Hello Commenters,
We would enjoy chatting with you to learn more about how you would use this feature and the types of activity that you would like to be alerted on. If you would be up for a 15min chat with the DNSFilter product team, please book a time using this link: https://calendar.app.google/zcnzb1g29gPPKDJ78
We look forward to hearing from you!
Nigel
Triggered alerts would be a great addition, or much wider integrations into common PSA platforms such as Autotask
Luke Loobey
There should also be a generated auto-alert option for certain categories of website are triggered with the ability to choose which categories and where the email alert is sent per site. For example, when using DNS filter for students it would be great to have a more live-update on if anything especially inappropriate or red-flag inducing were accessed to then pass along to that school's staff who attempted to access it, what website it was, what category it hit/why it was blocked, and with a date and time stamp.
Neil
As a newcomer to DNSFilter, I don't understand why this is still under review, 5 years later?...
Darrin Piotrowski
This would be much easier if there was an integration with ConnectWise Manage.
Steve Staden
under review ( scoping )
Andre King
Immediate automated alerting is much needed for high priority activity. As stated in other comments, if for example malware is reaching out to a C&C domain, we would need to be alerted immediately with pertinent details for investigation and remediation.
Aliese
open
Load More
→