You would like to know what you need to do when you receive large numbers of alerts
There are generally a few things that cause lots of repeated alerts:
- If you have the "Score" threshold set too low in your mobile app. The lower the score threshold, the more alerts you'll see, the higher the score, the more accurate and important the alerts will be, but there will be fewer numbers of them.
- If there is an ongoing attack which is using multiple different attack vectors. In cases like this, you will get multiple different alerts. For instance, you will receive an alert for the initial attack and then an additional alert for each lateral movement.
- When attack information is being re-assessed, such as the attacker has changed tactics.
Generally, the likelihood of receiving large numbers of high severity events is uncommon and normally only seen in larger organisations which are the biggest targets.
If you feel you're getting too many alerts, please reach out to our support team by live chat, email or phone.