RDR Product Feedback and Bug Reports?

Please post your F-Secure Rapid Detection & Response (RDR) product feedback and improvement ideas here (by replying to this post) for product management team to review and other partners to comment as well.

 

For bug reports please use the official support reporting form by picking from the Product Details field "Corporate Service Products" and "Rapid Detection & Response (RDR)" solution. Please describe the problem in detail (i.e. steps how to reproduce it) with relevant attachments (screenshots, logs etc.) that could help F-Secure team to review of the issue.

Comments

  • Azian
    Azian Posts: 1 New Member

    Good day,

    When a broad context detection is triggered, an e-mail notification is sent to the configured e-mail addres inside the RDR platform.

    The information that we get is:

    Category

    Risk level

    Confidence

    Criticality

    Affected hosts

    Company


    Perhaps it can be helpful to include the Summary and/or Process Tree information from the broad context detection ?

    Or perhaps the idea to let the customer have control over what content is included in the e-mail notification would be better ?

    shannin
  • linck_tello
    linck_tello Posts: 18 Explorer

    Hi F-Secure

    Some improvements to RDR.

    • Device Groups
    • Automated response by device Groups
    • Improve the for RCA graph.
    • Add host information (HW and SW)

    BR

    Linck Tello Flores

    Lakshshannin
  • lauraled
    lauraled Posts: 3 New Member

    Hi, we recently purchased EDR licenses. Before that we had evaluation keys active on some machines. The sensor on these machines now can't connect to our policy manager. This article describes my problem exactly:

    https://community.f-secure.com/atp-en/kb/articles/8949-rdr-clients-are-not-shown-in-rdr-portal

    However, the sharepoint link with the hotfix has expired...

    Can you please update the link in the article?

  • shannin
    shannin Posts: 2 New Member

    False positive button as a direct link, since that is the one we need most often. Very frustrating to hover over close|false.

    Also, detections list should show some information about the case, e.g. first processes or something to make it possible to close multiple cases at once.