Seqrite XDR

SLA Configuration

Print Friendly, PDF & Email

Service Level Agreements (SLAs) in Seqrite XDR define the expected timelines for handling and addressing security incidents. They establish measurable commitments for how quickly incidents must be investigated, remediated, and closed. By setting clear deadlines, SLAs help security teams prioritize tasks, track progress, and ensure consistent response across different types of threats.

With Seqrite XDR , SLAs are often configurable by incident type and severity. For example, a phishing alert may require investigation within 2 hours, while a malware outbreak could demand immediate containment. SLA timers are displayed in the grid, and notifications are triggered if deadlines are approaching or breached, ensuring that no incident is overlooked.

 

 

SLA Configuration

Only administrators can configure Service Level Agreements (SLAs). The SLA Configuration page is visible only to administrators.

Navigate to the SLA Configuration page

  1. Go to Settings > SLA Configuration.
  2. The page displays a list of incident types with configured SLAs.
  3. Expand an incident type to view its SLA.

Incident types

The following incident types can be utilized to create and define SLAs.

  • Anomaly Detection
  • APT
  • Insider Threat
  • Malware
  • MITM
  • Phishing
  • Privilege Escalation
  • Unknown
  • Web Application Attack
  • Default

Add an SLA

  1. On the SLA Configuration page, select Add SLA for Incident Type.
    The Add SLA for Incident Type dialog opens.

  2. Select an incident type from the list.

    • Only one SLA can be configured per incident type.
    • The list shows only incident types without an SLA.

  3. Select

    Add

    • A default SLA configuration appears.
    • You can edit the SLA values as required.

SLA rules

Status values must be incremental:

  • Investigation < Remediation < Closed

Example:

Investigation Remediation Closed
1 2 3

The incident response summary updates based on SLA configuration:

  • When the investigation value is reached, the incident status changes to Remediation.
  • Based on remediation values, the response summary shows New, In time, or Late by.

Note
If SLAs are already configured for all incident types, a message prompt appears when you select Add SLA for Incident Type.

Edit an SLA

  1. On the SLA Configuration page, expand the SLA you want to edit.

  2. Select the Edit icon.

  3. Select a status value to edit.

    • Values can be set in hours or days.
    • Ensure values follow the SLA rules.

  4. Select Save.

Delete an SLA

  1. On the SLA Configuration page, expand the SLA you want to delete.
  2. Select the Delete icon.
  3. In the confirmation dialog, select Delete.
    The SLA is removed.

Filter SLAs

To filter SLAs:

  1. Enter criteria in the filter box.
  2. Add conditions as required.
  3. The SLA list updates automatically based on the filter criteria.

 

Was this page helpful?
Yes No 1