We are announcing the release of the new Alerts messages in preview mode. The alerts are generated from findings that Dome9 discovers when scanning AWS Accounts, Azure Subscriptions, and GCP Projects, and can now be investigated more easily.
The Alerts system was completely rebuilt based on feedback from our customers. We decided to base the new mechanism on the Dome9 Compliance Engine. The new alerts system provides many new enhancements and capabilities, including:
– Additional alert types: Any type of compliance rule can generate an alert, whereas the legacy alerts system generated network alerts only.
– More control: The new alerts system allows users to select which findings generate alerts. Users can select which “Continuous Compliance Notification Policy” (defined for a cloud account and a compliance rules bundle) continuously generates alerts when entities fail the compliance checks.
– Inline alert details: The alert details are now presented by expanding the alert (click the alert heading one more time to collapse it).
– Customization: Users can generate alerts based on rules that they craft in a custom rules bundle. The rules are written in the Governance Specification Language (GSL) syntax.
– More actions: The new alerts system allows users to write comments, recorded with the user name, and to assign an alert to a Dome9 user.
Additional capabilities, such as alert suppression (exclusion from findings and scoring), will be supported soon.
– Fine-grained notifications: Notifications on newly generated alerts can be sent to different targets. The notifications are defined in the Continuous Compliance “Notification Policies”, and can be sent to email addresses, AWS SNS, Jira, and ServiceNow (and soon to Slack as well).
– Enhanced filtering: The new alerts support many filters, including free text search, that can easily narrow down the list of alerts and help the user focus on the alerts that are more important.
– Enhanced export capabilities: The new alerts system supports exporting alerts according to the applied filters. This allows investigation and remediation to continue on a focused group of alerts.
To fully enjoy all of the new alerts capabilities, a Compliance Module license is required:
- Customers with a Compliance Module license will be able to generate alerts based on all compliance bundles
- Customers without a Compliance Module license will get basic findings from the “Dome9 Network Alerts” bundles for AWS, Azure, and GCP
The new alerts system is replacing the legacy alerts, which will still be available for a while. We will eventually remove the old alert system. In addition to the Compliance Alerts, we also provide System Alerts, which include system errors only.
We value your feedback! Please contact us with any questions or suggestions on the new alerts.