Welcome to
Help Desk

Product Updates
Training
Support
Ideas Contact Support

Auto-Remediation - Probable Ransomware Issues

Users have the ability to auto-remediate the Probable Ransomware Issues in Secure & Govern. Following are the steps listed to configure and enable auto-remediation rules for Probable Ransomware issues.

  • Navigate to Settings -> Analysis Rules.
    Auto-Remediation - Individual Permission Issues - 2.png
  • Select the desired Issue Type as Probable Ransomware.
    AutoRemediationProbableRansomwareIssues -1.png
  • Click on Create an auto-remediation rule.
    Auto-Remediation - Individual Permission Issues - 8.png

  • Enter Rule Name and Description. Select Next.
    Auto-Remediation - Individual Permission Issues - 10.png

  • Select Match Criteria ANY or ALL.
    Auto-Remediation - Individual Permission Issues - 1.png

When “ALL” is selected, all the rule conditions must be met for an issue to be auto-remediated. When “ANY” is selected, auto-remediation will occur when any of the rule conditions are met.

  • Enter Rule Condition
      • For Probable Ransomware issue type, two conditions available to add are based on Detection Confidence and user type.
        • Specify the criteria for first condition selected and click on Add Condition to specify the criteria for second condition.
          AutoRemediationProbableRansomwareIssues -2.png
  • Enter Rule Action
    • For Probable Ransomware issue type, there are three possible actions available as Deactivate user account, Dismiss issue(s), and Delegate to selected user. Add one or more actions to the Analysis rule
      AutoRemediationProbableRansomwareIssues -3.png
  • Select Next.
    Auto-Remediation - Individual Permission Issues - 5.png

  • Select whether or not to Apply this rule to previously detected issues that match the selected criteria and click Next.
    Auto-Remediation - Individual Permission Issues - 3.png
  • Review the Rule Configuration. Click on Create.
    Auto-Remediation - Individual Permission Issues - 9.png

The Back button can be selected at any time to change the rule configuration prior to the rule being created.

  • The Auto-Remediation Rule is created.
    Auto-Remediation - Individual Permission Issues - 4.png

Currently, only one auto-remediation rule can be created per issue type.

Additional Resources

Was this article helpful?
0 out of 0 found this helpful

For technical assistance, please contact us.