How to Prevent Alert Fatigue: Announcing the New Alert Features

Alert fatigue is a phenomenon in which individuals receive an overwhelming number of alerts and become desensitized to them.

If a security team sees hundreds of alerts every day that do not have critical information, they may start to pay less attention to them. Then, if a real cybersecurity event were to happen, they may not catch it in time, since alerts are not considered important anymore. 

To avoid alert fatigue, a sound alert system with no noise is necessary. Knowing how to group alerts and how to manage them is very important. 

Cyscale is a CSPM that provides solutions for alert fatigue and helps users understand their alerts. In this article, we will explain how. 

Alerts visualization 

The first step to managing alerts efficiently is understanding them. The following four sections show, at a glance, how your company is handling its alerts.

Alerts visualization cards in the Cyscale platform

The Insights card gives you context on how many alerts your assets have generated, as well as the average time to resolve them. This valuable information shows how efficiently the security team is working through findings. 

The next section, Summary, shows how many alerts have a High severity and how many have a Medium severity, as well as other information about your environment. 

The third card, Trend, illustrates the evolution of alerts over time. The time component, which is present in the first section as well, is key to fully understanding how well your company is progressing towards securing the cloud infrastructure over time. 

Finally, the fourth section, Open Alerts by Asset Category, shows the distribution of alerts over the types of assets in the cloud. For example, knowing that your IAM or your storage assets generate the most alerts can help you focus your attention on those areas of your cloud security posture. 

Alerts grouping  

There are two views for alerts: 

  1. Grouped by control, and 
  2. An ungrouped list of all alerts. 

The first view makes alerts visualization more manageable by shortening the list and grouping the alerts by control.  

Alerts grouped by control in the Cyscale platform

This view reduces alert fatigue by collecting all the alerts triggered by a control under a single item in the list. Each row represents one control, and in the fourth column, the user can see the total number of alerts, with a quick link to the affected assets.

Seeing affected assets in the Cyscale platform

Moreover, this feature allows users to perform actions on multiple alerts with one click: for example, you can dismiss or acknowledge all alerts triggered by a control using this panel.

The second view is a simplified view of the alerts. This is the old version of our Alerts dashboard, where you can search by alert and directly see details such as the severity, the status, or the affected asset.  

All alerts page in the Cyscale platform

Alerts exemption 

Using alert exemption, users can reduce the number of alerts and eliminate false positives. Generating an exemption is very easy and can be done straight from the alerts list. The exemptions are highlighted in the compliance reports to ensure visibility and help users understand: 

  • why they were created, 
  • who created them and why,  
  • when they were created.

Creating exemptions in the Cyscale platform

Alerts remediation 

It’s never been easier to solve alerts than with the Cyscale platform!  

By clicking on the control that generated the alerts, a drawer with remediation steps appears. You don’t have to go through documentation and hours of trial and error – we give you the exact measures you have to take to fix your environment! 

Remediation steps in the Cyscale platform

We hope you will enjoy the new features. Stay tuned for another set of improvements that bring more context to alerts! 
