Ability to create/edit/modify/delete other users within their org along with all other user permissions.
Update to Alert rule
Rare event(s) that cause suspicion
Asset nickname for quick identification
Keep track of when an asset was uploaded to the GRID
Level of importance given to asset data
Insert all names here to avoid duplicate assets
Add tags for organizing, searching, and filtering
Graphical view of event data
Block of IP Addresses that could be seen on your network.
Modify or remove event data as it is processed by GRID
Asset was scanned, malware was removed and the host was returned to service
When data is stored on remote servers
Data that is not searchable through the console. Can be brought into live mode if requested
The act of using policies to meet or exceed guidelines
A constraint used in a search to limit the data returned by the search engine. In DefenseStorm GRID, you can create data restriction rules using match conditions that determine what a given user sees on the Events page.
An event caused by a network configuration change
Following guidelines to ensure your network is in compliance
Combination of GRID, TRAC, and your network policies
A custom display of charts on the UI's homepage
Data is retained in the GRID for 90 days
DefenseStorm Virtual Machine (DVM)
Gateway between your network and the GRID
Not a false positive or a potential threat
Sent to TRAC for further review
Any activity that generates a log
Executive Level Reporting
Reporting that is analyzed and reviewed by executive-level board members
When an Incident is positive according to rule logic, but false upon further review
Fully qualified domain name
When the experts at DefenseStorm compare your network to any desired guideline and provide a report showing where your program needs improving to be fully compliant.
User interface of the DefenseStorm GRID
An event that needs further investigation
Incident State (Analysis)
Incident State (Closed)
No further action necessary
Incident State (Remediation)
Efforts are underway to resolve damage and root cause
Incident State (Resolved)
The problem has been discovered but not remediated
Incident State (Triage)
Default state when an Incident is created
Key that allows your network to communicate with the GRID
Access and ingestion of third-party data
GRID searchable data (past 90 days)
When the DefenseStorm GRID learns your network and can distinguish between normalities and anomalies.
Updates to the product due to changes in requirements, legislation, or modifications in the software or hardware (operational) environment
Combining an untracked asset with a tracked asset
A set of rules put into place to ensure compliance with a regulation
Ability to do everything a user can do plus create incidents, classifiers and alerts
Language used to search events
Can only observe data
A free tool that provides endpoint visibility and records critical events while being non-intrusive, invisible to use, and, if set up correctly, without negative performance impact.
A one-time job assignment
A recurring job assignment
A specific organization of charts ready to be generated as a report.
Combination of known threat intelligence within a community
Information from threat-sharing sources on common attacks, remedies, and prevention.
DefenseStorm’s internal cybersecurity and compliance experts
A registered asset
Sends an alert when parameters are met
List of recommended triggers
An alert is 100% malicious or unauthorized activity on your network.
Two Factor Authentication (2FA)
Two-tier login method to increase security
An asset sending data but is not registered
A profile created for specific GRID access
CC'ing someone to be kept informed