October 18, 2024

Dynamic Remediation

A new Remediation settings tab has been added to the Provider and Organization Settings. This page allows you to authorize the RocketCyber SOC team to take action on your behalf beyond device isolation.

In addition to device isolation, you can now provide authorization to the SOC to take the following actions:

Device Actions
- Remove files
- Terminate Processes
- Uninstall Software
Microsoft 365 Actions
- Disable Accounts
- Terminate Active Sessions

By default, these settings are not available at the organization level. To allow organizations to set custom remediation settings, enable the Allow organizations to configure remediation authorization toggle in the Provider Settings:

These remediation authorization settings replace the previous Remediation Authorization toggle. The status of the removed Remediation Authorization toggle has been transferred to the new Device Isolation Authorization to preserve your previous settings. This has been done at the provider and organization level.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.