Skip Navigation

Responding to CylanceMDR alerts in the AtHoc mobile app

7 simple steps to respond to alerts from the AtHoc mobile app

  1. BlackBerry Docs
  2. CylanceMDR
  3. Responding to CylanceGUARD alerts in the AtHoc mobile app

CylanceMDR users can receive notifications through the BlackBerry AtHoc mobile app when a security incident is escalated to their organization. The AtHoc mobile app is another channel from which users can be notified as soon as possible of any incidents that require attention. From the app, users can quickly access the CylanceMDR portal from their mobile device and learn more about the incidents.

Before you begin: Register the AtHoc mobile app for the CylanceGUARD (CylanceMDR) service.

Note that CylanceGUARD is now known as CylanceMDR.

 

1. Open the AtHoc app

When a security incident is escalated to you, you will receive a "Guard" notification from the AtHoc app.

Tap the AtHoc icon to open the BlackBerry AtHoc mobile app.

2. Tap an alert to view details

In the AtHoc app, security incidents that are escalated from CylanceMDR have different icons depending on the severity level.

  • Green: Low severity
  • Yellow: Medium severity
  • Red: High or Critical severity

3. View the alert message

You can tap more to see some more details about the alert.  Make note of the case number.

4. Jump to the CylanceGUARD (CylanceMDR) user portal

Tap More Info to jump to the CylanceGUARD (CylanceMDR) user portal.

5. Log in to the user portal

If you're already logged in, you'll be taken directly to the escalation details screen in the CylanceGUARD (CylanceMDR) user portal.

From the Escalations screen, search for and tap the case number that you made note of earlier to view full details and comments from CylanceMDR analysts.

6. View full details about the escalation

From the escalation details screen, you can do the following:

  • Assign the alert to yourself to let others know that you are investigating the alert.
  • Review the trigger events and comments for information about the alert. Use this information to determine whether it was expected or unexpected behavior.
  • Add comments to communicate next actions to the analyst. For example, you might want to engage an incident response team such as BlackBerry Security Services.
  • Close the case when there's no further action required. When it's closed, it can't be reopened.

7. That's it!

You have successfully responded to an escalation in CylanceMDR from the AtHoc app!

For more information about handling escalations in CylanceMDR, see Escalations in the CylanceMDR User Guide.

To learn more about the BlackBerry AtHoc mobile app, see the BlackBerry AtHoc content