SOC Insight Report notifications provide timely information on all Insights identified on your network. Using notifications, you can keep aware of threats detected on your network.
You can configure Insight notifications to be viewed in the Infoblox Portal (in-application), and/or have notifications sent to an email recipient address of your choice in the Infoblox Portal, Insight notifications can be viewed on the notifications page in the Infoblox Portal.
| Infoblox Threat Defense - Insight Alert Update One or more domains have been added to this Insight Outlier.
| |
|---|---|
| Fields | Availability |
| Threat Type: <Major Attack> | IN-APPLICATION, EMAIL |
| Threat Class(s): <TI-MAJTHREAT> | IN-APPLICATION, EMAIL |
| Most recent event: <2023-06-27 08:38:10 +0000 UTC> | IN-APPLICATION, EMAIL |
| Threat Level: <high> | IN-APPLICATION, EMAIL |
| Ckick the link to go to the SOC Insights dashboard | IN-APPLICATION only |
Sample App/Infoblox Portal Notification
The following is a sample app/Infoblox Portal notification. Notifications for new assets and indicators are generated, as well.
Subject: Infoblox Threat Defense - Insight Alert
A new insight has been detected. Threat Type: Major Attack, Threat Class(s): TI-MAJTHREAT, Most recent event: 2023-06-27 08:38:10 +0000 UTC, Threat Level: high.
Alerting settings can be changed by highlighting your logged-in Name & User Profile > Notifications in the Infoblox Portal.
Go to the Insight Reporting Dashboard for details.
Image: A sample In-App Insight notification.
Domains
| Domain Notifications | |
|---|---|
| Fields | Description |
| Detection Class | The detection class of the domain triggering the detection |
| Detection Family | The detection family of the domain triggering the detection |
| Threat Indicator | The lookalike domain which triggered the detection |
| Target | The original domain |
Image: A sample In-App Domain notification.
Sample email notification (Domain)
Image: A sample, system-generated email notification.