Receiving extended notifications

You can configure the delivery of extended incident notifications via email to MDR users. Extended notifications contain a description of the attack detected as the incident, and the response recommendations. The attack description includes some data that the MDR solution receives as telemetry from devices connected to the MDR solution, so the description can include the following sensitive information:

• Host names
• Host IP addresses
• Account names
• Account passwords (if a script containing a password was run on a device)
• Service URLs
• Filenames
• Email addresses
• Names of the departments and tenants

The complete list of data received by the MDR solution is contained in the Data provision section.