Commit dbf266c

Alert detection policies
1 parent 268bc3a commit dbf266c


2 files changed

+11
-1
lines changed

articles/defender-for-iot/organizations/alert-engine-messages.md

Lines changed: 2 additions & 0 deletions
@@ -41,6 +41,8 @@ Alert severities on this page are listed by the severity as shown in the Azure p
4141
| **Malware alerts** | Triggered when the Malware engine detects malicious network activity. For example, the engine detects a known attack such as Conficker. |
4242
| **Anomaly alerts** | Triggered when the Anomaly engine detects a deviation. For example, a device is performing network scans but isn't defined as a scanning device. |
4343

44+
Defender for IoT's alert detection policy steers the different alert engines to trigger alerts based on business impact and network context, and reduce low-value IT related alerts. For more information, see [Focused alerts in OT/IT environments](alerts.md#focused-alerts-in-otit-environments).
45+
4446
## Supported alert categories
4547

4648
Each alert has one of the following categories:
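Review bot: The added sentence at new line 44 loses parallelism in "steers the different alert engines to trigger alerts ... and reduce low-value IT related alerts": as written, "reduce" reads as something the engines are steered to do, while the intent is that the policy itself reduces those alerts. Suggest "steers the different alert engines to trigger alerts based on business impact and network context, and reduces low-value IT-related alerts" (also hyphenating "IT-related"). Separately, the link targets `alerts.md#focused-alerts-in-otit-environments`, but alerts.md is not one of the two files changed in this commit, so confirm that heading already exists there or lands in the same PR; otherwise the link breaks on build.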

articles/defender-for-iot/organizations/whats-new.md

Lines changed: 9 additions & 1 deletion
@@ -20,7 +20,15 @@ Features released earlier than nine months ago are described in the [What's new
2020

2121
|Service area |Updates |
2222
|---------|---------|
23-
| **OT networks** | [Alert ID now aligned on the Azure portal and sensor console](#alert-id-now-aligned-on-the-azure-portal-and-sensor-console) |
23+
| **OT networks** | - [Focused alerts in OT/IT environments](#focused-alerts-in-otit-environments)<br>- [Alert ID now aligned on the Azure portal and sensor console](#alert-id-now-aligned-on-the-azure-portal-and-sensor-console) |
24+
25+
### Focused alerts in OT/IT environments
26+
27+
Organizations where sensors are deployed between OT and IT networks deal with many alerts, related to both OT and IT traffic. The amount of alerts, some of which are irrelevant, can cause alert fatigue and affect overall performance.
28+
29+
To address these challenges, we've updated Defender for IoT's detection policy to automatically trigger alerts based on business impact and network context, and reduce low-value IT related alerts.
30+
31+
For more information, see [Focused alerts in OT/IT environments](alerts.md#focused-alerts-in-otit-environments).
2432

2533
### Alert ID now aligned on the Azure portal and sensor console
2634
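Review bot: In the new "Focused alerts in OT/IT environments" section (new lines 25-31), "The amount of alerts" at line 27 should be "The number of alerts" since alerts are countable, and the comma in "many alerts, related to both OT and IT traffic" should be dropped because the clause restricts which alerts are meant. "affect overall performance" in the same line is vague; say whose performance is affected (the sensor's, or the analysts' ability to triage). At line 29, "IT related" should be hyphenated as "IT-related", matching the wording added to alert-engine-messages.md in this commit, and the same cross-file caveat applies to the link at line 31: `alerts.md#focused-alerts-in-otit-environments` points at a file this commit does not touch, so verify the anchor exists.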
