Managing Attacks Requiring Action
To manage attacks that require action to be taken:
In the Threat Mitigation Portal navigation pane, click Action Required.
The Action Required page displays all attacks that require action.
The Attack ID is linked to the Attack Details page, which displays more information about the attack record.
The help button provides information about the possible actions that can be taken in response to an attack. For example, the Help could recommend blocking the attack, blocking the attacker, or slowing the attacker.
To sort the attacks by a different category, select another category from the Sorted By drop-down list, and click Sort.
To sort the attacks in a different order, select the order from the Ordered By drop-down list, and click Sort.
To take action, select the action from the Action drop-down list, and click Take Action to update the state of the attack in that row and activate the service that represents the action to be taken.
If the attack is no longer in the same state as when you clicked Take Action, the action is terminated, and a message explains that the attack has been handled. Otherwise, the result depends on whether the service is activated.
If a service is activated, the attack is moved to the Action Taken page.
If a service is waiting to be activated, the attack is placed in a pending state and appears in the Start Pending page.
To delete the attack, click Delete in the row for the attack.