Resolution Intelligence is a secure operations platform that helps enterprises transform digital operations. It brings together the best of human expertise and machine intelligence (Artificial Intelligence/Machine Learning) to promote fast and reliable resolutions. Resolution Intelligence Cloud is a native SaaS platform that powers high-performing secure operations at scale. It takes a proactive and predictive approach to secure operations by incorporating security into every layer of operations.
Why Resolution Intelligence Cloud?
Our Resolution Intelligence streamlines threat detection and response and site reliability engineering (SRE). It reduces MTTR and lowers dependency on in-house experts. Our solutions enable businesses to reduce operational noise, eliminate silos, increase collaboration, and prioritize problems. Our users can focus on business criticality and speed up remediation while maintaining their security posture.
Accessing the Resolution Intelligence Cloud
This section covers the basics of accessing Resolution Intelligence Cloud.
First-time users should refer to this documentation.
Signing in
To sign in to the platform:
- Go to Resolution Intelligence login page
- Enter your registered email address
- Click Continue
- Open the authenticator (either Microsoft or Google Authenticator) on your mobile phone
- Enter the one-time code that appears in your authenticator app
- Click Continue
- Select Text (xxxxxxxx19) or Call (xxxxxxxx19) for the phone number that you have already registered in the platform. A six-digit passcode is sent to your registered phone number
- Enter the six-digit passcode in the given field
- Click Sign in.
Resolution Intelligence at a Glance
After signing in, you are directed to the home page of Resolution Intelligence, where you can see various offerings:
- Insights: gives you analytics of your organization's infrastructure data relevant to digital ops and security
- Resolutions: Netenrich Resolutions enable you to take firm decisions based on the conclusions derived from the data which comes from multiple sources.
- Configurations: This tab helps you manage configurations such as users, Rules, Services, Escalation policies, ActOn policies, and Correlation policies.
- Timezone: You can see your local time based on the location where you are logged on.
- Account Switcher: If you are logged in as a partner user, you can view your multiple tenant users. If you are logged in as a tenant user, you cannot view either the organization or other tenants.
- Profile: Here you can see your profile details - Name, Role, Title, local time zone, contact information, and notification settings.
Navigating the Resolution Intelligence Cloud
This section helps you navigate the main sections and menu items while working with the platform. To reach the platform, log into your account and explore the various features.
Exploring the Landing Page
After you sign in, you are directed to the landing page, which is, essentially, your account homepage.
The Top Menu
The top menu available on the landing page provides access to the following options:
1. Reach the Home Page: This page contains the following dashboards.
- Resolution Intelligence@work: These dashboards give you an overview of the direct value the platform is bringing to you. The widgets are listed on this page.
- Detection Coverage: The Detection Coverage page provides an end-to-end integrated view of your IT environment, the different classes of assets being monitored, and the various categories of checks and statuses within these classes, all of which are compounded in real time to assess impact. The detection coverage page is a simplified view of the proprietary ontology deployed for you. For more information on widgets, visit here.
- AIOps: A set of widgets measuring the performance of AIOps over the signals ingested. For more information on widgets, visit here.
Note: You can switch to the above dashboard areas by clicking on the respective buttons.
2. Access the Insights in your Organization or Tenant account
3. Reach your Resolutions
4. Access the Configurations
5. Switch Tenant if you are an Organization user
6. Access the Profile section, which allows you to reach the following features:
- View your Profile
- Access the Admin Console – only if you are an Administrator. This is where you can manage your account and associated assets
- Log out
The Left Navigation Menu
The Left Navigation Menu changes based on your selection in the top menu and your tenant account type.
On the home page, the Left Navigation Menu contains the following items. To show or hide the Left Navigation Menu, click the Right Arrow (-->) or Left Arrow (<--) on the Home page.
- Operations
- Overview - The overview dashboard gives you general insights into the operations performed.
- Major Situations - Provides insights into all the major situations that are impacting the tenant operations.
- Wellness - Insights on the maintenance activities that are ongoing to prevent any outages in your organization's infrastructure.
- Noise Reduction - Activities associated with noise reduction (AIOps, Auto validation, Auto resolution, etc.).
- Requests - Track all the service level requests created by the end-user.
- Signal & Situation Browser - Tracks the number of situations per device category and its subcategory.
- Security
- Threat Detection - Gives you a way of mapping MITRE tactics & techniques to detect threats, and shows the total number of situations generated from different signals and how an analyst responded to each situation.
- Threat Hunting - Helps you track where different threats are present and how these threats arrive in an organization's IT infrastructure.
- Attack Surface Exposures - A dashboard with widgets that show the risk score associated with each threat, discovery of risky assets, services exposed to digital attacks, and risks detected from different sources - AWS, Amazon, Google Cloud, and others.
- Assets
- Asset Overview - The number and type of assets available in Resolution Intelligence Cloud.
- Asset Details - Asset details such as Operating System (OS) type, version, BIOS version, etc. are displayed. This widget displays the summary and visualization of onboarded assets.
- Visibility
- Ingestion Health - With Resolution Intelligence's ingestion health dashboard, you can monitor the data ingested from potential sources - Microsoft Azure, Amazon CloudTrail, and Google Chronicle - and quickly understand the type and amount of data you have.
- Detection Coverage - The percentage of rules that can be detected against the MITRE tactics & techniques matrix, based on the data that you ingest into your Chronicle account. It shows the amount of quality data that you currently have, which in turn helps you ingest sufficient data sources to enhance rule detection against the MITRE tactics & techniques matrix.
- Dashboards & Reports - Includes creating and customizing dashboards and reports, and exporting dashboards and their widgets to PDF, PPT, and Excel according to the user requirement.
Exploring the Insights Tab
This tab consists of multiple dashboards derived from the digital ops data. When you click the Insights tab in the top menu, you can see the following items in the left navigation menu.
You are immediately directed to Overview under Operations, where you can see the following tabs.
- Service Level Insights
- SDM Insights
- Automation Insights
- Monthly Service Review
- Exportable Client Report
Note: You can switch to the above tab areas by clicking on the respective buttons.
Exploring the Resolutions Tab
To navigate to this tab, click Resolutions in the top menu. This tab consists of the following items, which help you understand the types of ActOns (Ops and Security) being received, the number of signals correlating into a situation, and the automation of change requests.
- ActOns - a situation relevant to security and digital ops that you need to act upon to remediate the issue caused in your organization's IT infrastructure.
- Situations - provide context to issues, and allow you to quickly identify, triage, and remediate problems before they become severe.
- Signals - a detection received from monitoring tools and reported to Resolution Intelligence.
Exploring the Configurations Tab
To navigate to this tab, click Configurations in the top menu, and the following items appear in the left navigation menu.
- Overview - contains the user name, contact, and company details. You can edit the settings and your profile information.
- Usage & Limits - Provides a detailed view of resource consumption based on your subscription plan. This feature lets you know the consumption of resources such as users, signals, ingested volume, assets & entities, devices monitored, employee count, organizations, and tenants.
- Subscriptions - View a detailed list of the subscription plans and add-ons that you have purchased in your account.
- Authentication - includes authenticating users through Azure AD, Okta Workforce, Azure AD (SAML), GSuite (SAML), Okta Workforce (SAML), and ADFS.
- Organizations - add your organizations if you are a domain user
- Tenants - includes adding tenant details like company name, web address, and subscriptions, as well as creating users and assigning access to them.
- Users - includes adding users, and assigning access to them.
- Services - A service represents a component, microservice, application or infrastructure that a team manages and monitors.
- Integrations - includes the potential source systems such as Azure, AWS, AppDynamics, ServiceNow, ThousandEyes, LogicMonitor, Google Cloud, Chronicle, and many more from which Resolution Intelligence receives signals.
- Forwarders - Download and install Chronicle forwarders to ingest on-premises data to the cloud.
- Log & Data Ingestion - Ingest telemetry data from GCP, AWS, CrowdStrike Falcon, and CarbonBlack databases.
- Asset Onboarding - Onboarding digital assets is an essential step to start monitoring the performance of the devices to improve and standardize your business activities.
- Chronicle CMS - includes adding and customizing detection rules, parsers, reference lists and content packs.
- Asset Monitoring - continuous supervision of the assets without manual intervention, to find and report the impediments that slow down asset performance.
- Processing Rules - a specialized feature that helps you to share helpful information and useful resources to optimize the process of sending signals to users.
- Correlation Policies - correlate similar threats over a network into a single situation, to reduce the network traffic and improve the efficiency of a support team in mitigating issues faster.
- ActOn Policy - a set of rules consisting of several conditional expressions that help to transform the incoming signal into a situation.
- Scoring - Templatization Rules - a customized approach of defining rules for ActOn resolution based on the score of each situation.
- Notifications - Configure when and how an alert is sent to users, via email or webhook, when a signal is triggered from the monitoring systems. Use customized templates to include the subject and body of an email, and define policies to control the flow of notifications to the users.
- Schedules - Displays the status of a user, such as how long the user is on call, which group and shifts they are currently on call for, and when the next on-call will be.
- Escalation Policies - automate situation assignment and connect services to individual users and/or schedules.