CORE FEATURES
Actions
7 min
actions provides you with a set of actions to take that are recommended by flare and are based on your events you can find all the recommended actions by navigating to the actions page in flare each action is related to specific events which will be displayed on the right side of the screen, after selecting an action to see all the events related to that action, click on 'view all events" action status active these are new actions that have not yet been acted on completed these are actions that you have previously marked as complete snoozed these are actions that you have set to be reminded about later ignored these are actions you have previously marked as ignored all every action flare has ever alerted you about action categories operations these are actions we suggest you take based on your events in flare each of these actions will detail the relevant events, mitre att\&ck techniques, and mitigations actions are created for infected devices events in two specific cases the stealer logs contain domains that do not resolve to an ip address, which may represent compromised employees with internal access the stealer logs contain domains and usernames used to connect to common saas platforms, which may represent compromised employees reusing corporate credentials outside their organization actions are created for 3rd party ransom leak events if we find company files or otherwise potentially sensitive information in a recent breach or historical breach actions are created for exposed services, when we find a host with critical ports open actions are created for when internal domains are found in conversations (eg , chat messages or forum posts) or in text documents (eg , source code or pastes) an internal domain is defined as a domain that we think you do not want to be exposed for example, if you have an identifier for scatterholt com and we found subdomain test scatterholt com that do not resolve to an ip, we will consider this domain as internal flare configure or update your flare profile, industry per tenant, and number of employees each year, flare will recommend ensuring that your number of employees is up to date exporting actions actions recommended by flare can also be added to any report from reports docid\ bqmxuvf2gbe7suip8okcx , click edit on any existing report, and ensure that actions is toggled on all actions regardless of time created will be included related articles