Cloud remediation

It’s been a SaaS-y kind of month. We’re excited to share some new features available to our MDR for SaaS customers. Read on to learn about our new automated remediation feature and new integration.

User account disablement

We’re taking our remediation capabilities to the cloud. Our analysts review and investigate alerts to determine if a user’s activity is normal. Now, when we identify it’s not, we’re able to automatically disable the compromised user account. This new capability means we’re able to stop threats from spreading in minutes, which means reducing risk for your organization. Plus, this gives you and your team time to pause and plan for next steps.

Go to your organization settings in Expel Workbench and select the auto-remediation tab to start. You tell us which accounts you either always want us to disable or those you’d prefer we leave for you.

New SaaS apps integration

Calling all CyberArk Identity users. This application is the latest addition to our integrations library. Our analysts use this product to pull event logs for a user or IP address. Ruxie uses it to generate timelines for CyberArk Identity alerts and a geolocation map of logins by user to provide our analysts additional context.