Alerts & Response

What are alerts? What are they telling me? What should I do?

Overview

Alerts are the primary method for Vectrix users to become aware of security issues detected by a module.

Alerts are sent to Slack with relevant information about the detected issue and, in some cases, come with a built-in way to fix the issue in just a click.

When can I expect an alert?

An alert is sent whenever a change has been detected since the module's previous scan. To see the scan frequency of a specific module, navigate to its deployment configuration and locate the drop-down menu titled Scan Frequency. Any change made since the last scan and detected by the next scan prompts an alert.

What does this alert mean?

See the 'Alerts' section of each module for context on the alerts you receive.

How do I fix the issue?

See the 'Alerts' section of each module for actions to take on the alerts you receive.

Alert References by Module

Terminology

When alerts are sent, they include a recommended Investigate timeframe and Severity of impact.

Note: These are only suggested timelines and severities. Ultimately, it is the user's own responsibility to review alerts based on the context of their own systems and services.

🔎 Investigate

How quickly does this need to be actioned?

| Timeframe | Means... |
| --- | --- |
| As Time Permits | worth following up in the next week or so |
| ASAP | investigate ASAP but don't drop everything to do so |
| Immediately | drop everything, take action now! A timely response is essential |

⚡ Severity

Just how bad is it? Is this something likely to cause a breach notification scenario?

| Rating | Means... |
| --- | --- |
| Low | something to be aware of but likely minimal impact |
| Medium | there is value in reviewing to ensure impact is minor |
| High | indicates an uncomfortable amount of risk, something that should be addressed as it can cause an adverse impact |
| Critical | indicates an unacceptable amount of risk, with potential for "end up as a headline" type impact |