Built-in Automatic Alerts
To see the built-in automatic alerts in the CYBERQUEST web interface, go to Settings > Applications > Alert Settings.
Select the Alert Settings entry to change the alert settings. Here you can change all entries related to alerts.
- Alerts_Blacklisted_IPs - enables / disables the Blacklisted_IPs alert. This alert has 2 functions:
  - IP Match alert is triggered when there is a match in real time;
  - Backwards IPMatch alert checks whether, in the last 30 days, you had communications with IPs in the newly updated list.
- Alerts_Blacklisted_Users - enables / disables the Blacklisted_Users alert.
CQ TI IPMatch
CQ TI IPMatch Alert - triggered when there is a match in the infrastructure to one of the malicious IPs. This alert is triggered when there is a match in real time.
CQ TI Backwards IPMatch
Backwards IPMatch - triggered when a new IP is detected: CQ automatically checks the history of this IP to see if there is activity to the newly detected IP. This alert checks whether, in the last 30 days, you had communications with IPs in the newly updated list.
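The two matching modes described above, shown as an added Python example that is not CYBERQUEST code: a real-time check of one event against the current list, and a 30-day search of stored events for IPs that only appear in the updated list. The event fields (ts, src, dst), the one-IP-per-line list format and all function names are assumptions, and the addresses are constructed sample data.

```python
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address

LOOKBACK = timedelta(days=30)  # history window the page gives for Backwards IPMatch

def load_list(text):
    """Parse a one-IP-per-line list (assumed format); skip blanks and # comments."""
    lines = (ln.split("#", 1)[0].strip() for ln in text.splitlines())
    return {ip_address(ln) for ln in lines if ln}

def event_ips(event):
    """Both endpoints of an event, normalized so textual variants compare equal."""
    return {ip_address(event["src"]), ip_address(event["dst"])}

def realtime_match(event, blacklist):
    """IPMatch: check one incoming event against the current list."""
    return sorted(str(ip) for ip in event_ips(event) & blacklist)

def backwards_match(history, old_list, new_list, now):
    """Backwards IPMatch: search the last 30 days for IPs newly added to the list."""
    added, cutoff = new_list - old_list, now - LOOKBACK
    hits = []
    for ev in history:
        if ev["ts"] >= cutoff:  # events older than the window are ignored
            hits += [(ev["ts"], str(ip)) for ip in event_ips(ev) & added]
    return sorted(hits)

# Constructed sample data (documentation address ranges, not real indicators).
NOW = datetime(2024, 6, 30, tzinfo=timezone.utc)
OLD_LIST = load_list("198.51.100.9\n")
NEW_LIST = load_list("198.51.100.9\n203.0.113.7  # added in this update\n")
HISTORY = [
    {"ts": NOW - timedelta(days=45), "src": "10.0.0.5", "dst": "203.0.113.7"},
    {"ts": NOW - timedelta(days=12), "src": "10.0.0.5", "dst": "203.0.113.7"},
    {"ts": NOW - timedelta(days=3), "src": "198.51.100.9", "dst": "10.0.0.8"},
    {"ts": NOW - timedelta(days=1), "src": "10.0.0.9", "dst": "192.0.2.44"},
]

if __name__ == "__main__":
    # The 12-day-old event was clean when it arrived and only matches in hindsight.
    print(realtime_match(HISTORY[1], OLD_LIST))
    for ts, ip in backwards_match(HISTORY, OLD_LIST, NEW_LIST, NOW):
        print(ts.isoformat(), ip)
```

The 45-day-old event to the same address falls outside the window and is not reported, and the address already on the old list is left to the real-time check.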
Batch fields Checker
To upload a text file and execute batch checking of the selected fields (e.g. a list of malicious IPs), please follow the link: Batch fields checker.
CQ TI Domain Match
CQ TI Domain Match - runs on every event that matches the list of malicious domains (BlackListDomains).