Custom Rules and Automation

Create Detection Suppression Rules

XDR provides the ability to create detection suppression rules. To learn more about creating and managing detection suppression rules, visit the following guide:

Detection Suppression Rules

Create Custom Detection Rules

Create custom detection rules in XDR to alert you when specific criteria that you set are detected. This feature gives your security team the flexibility to create rules specific for your environment and allows further customization of your internal capabilities.

Important

Because custom detection rules vary greatly from customer to customer, our analysts are unable to monitor your custom rules. Therefore, if you implement custom rules, you must have internal resources and processes to manage the corresponding detections.

To learn more about creating and managing custom detection rules, visit the following guide:

Custom Detection Rules

Set up Automation Using Playbooks

Automation through XDR automates manual tasks, relieving your organization of common challenges such as a lack of resources and time to handle those otherwise manual tasks. This provides you with more time to review cases and respond to suspicious activity more efficiently.

Secureworks creates connectors to supported IT tools within your environment. These connections allow us to take read-and-write actions across your infrastructure, with your approval. You then create playbooks, which represent a series of actions and logic, specific and configurable to your organization. These playbooks take action on your network automatically, relieving the need for manual intervention.

Learn more about automation using playbooks by reviewing the following resources:

• Automations Overview
• Supported Playbooks
• Supported Connectors
• Playbooks Overview
• Configured Playbooks
• Playbook Executions
• Playbook Templates
• Playbook Template Versions
• Configured Connections
• Connector Library
• Connector Versions