Latest ARC Update Streamlines Workflows and Incident Response Time
We've made some exciting new updates to Digital Guardian's Analytics and Reporting Cloud platform designed to help threat hunters and incident responders identify, analyze, and remediate threats more effectively.
Digital Guardian is excited to announce significant enhancements to incident management in the Analytics and Reporting Cloud platform!
Based on client feedback, we are releasing an improved user experience for incident workflows with a refactored incident layout and visually concise timeline display. This will help threat hunters and incident responders to identify, analyze, and remediate threats more effectively. Providing a visually concise timeline display simplifies its interpretation, especially for individuals who might not be familiar with complex datasets.
This clear representation ensures teams can identify threats and risk in a timely manner, before they become large-scale crises. The enhancements to the Incident Details workspace, below, aim to streamline workflows and improve efficiencies, ensuring that investigations are completed on time with minimal effort.
Sending notifications from Incident Management (see #1 below) now supports Email Templates, facilitating effective communication during an incident by providing pre-written content that can be quickly customized and sent out to relevant stakeholders. For example, you can use email templates to announce that you’re investigating potential data egress or to provide updates during a breach analysis to other internal teams.
By using Email Templates (see #2 below), you can deliver consistent information on specific activities and improve the efficiency of creating multiple email notifications for similar actions. You can also utilize parameters within the template (see #3 below) that are automatically filled with specific incident details.
A small but impactful addition is helpful links, so organizations can streamline the process of accessing incidents. The Incident ID within details now includes a link, driving more efficient incident access.
There are more improvements to come. In an upcoming release, a collated and expandable timeline will be provided. This enhanced timeline of events enables you to gain valuable insights more efficiently, improve communication, and enhance collaboration in various contexts.
Having a collated and expandable timeline of events offers several advantages:
- Improved organization: A collated timeline allows you to consolidate all relevant events into a single, easy-to-read display. This helps you gain a comprehensive overview of the sequence of events, making it easier to identify patterns, dependencies, and potential issues.
- Enhanced analysis: By having a timeline that expands to include more details, you can delve deeper into each event and gain a better understanding of its context. This can help you identify the root causes of incidents, track progress, and make informed decisions.
- Efficient communication: A visually concise timeline display enables you to communicate complex information more effectively. It allows stakeholders to quickly grasp the sequence of events and understand the impact of each event on the overall situation. This can be particularly useful during incident management or when sharing updates with stakeholders.
- Streamlined collaboration: A collated timeline provides a shared reference point for all stakeholders involved in an incident. It helps align efforts, facilitates collaboration, and ensures everyone is on the same page. This can lead to improved coordination, faster decision-making, and more efficient problem-solving.
- Easy scalability: An expandable timeline can accommodate additional events as they occur without cluttering the display. This flexibility allows you to maintain a clear overview even as new information becomes available.
For more information about incident management and best practices to implement your own strategy, please contact support, or your customer success manager, to help you engage with one of our experts.