Set up tailored alerts based on specific search criteria to stay ahead of emerging threats related to the malware behaviors that matter to your organization. Every new sandbox report indexed by Malware Intelligence will be evaluated against alerting rules, effectively empowering a user with Live Malware Hunting capabilities.
Alerting can be set up after a Malware Hunting search query is executed, as well as from the Saved Queries and History tabs. You can create, review, or edit all current alerting rules.
Creating an Alerting Rule
To create a new alerting rule, you need to pick a name, a cadence, and the alert's default assignee. You can toggle the "My Recorded Future Sandbox" filter to generate alerts only from your Enterprise Sandbox submissions.
Editing Alerting Rules
You can edit active alerting rules at any time. Malware Intelligence will let you know if the current rule is generating results daily.