About Alerts
Note
This feature is at the Preview stage.
Alerts in Yandex Security Deck provides a single interface for viewing alerts, which are special documents containing notifications or warnings about security issues, such as infrastructure attacks, vulnerabilities, unsafe configurations, leaks, and incidents. This module provides additional information about each alert, a list of affected resources, the source of the alert, and tips on how to resolve the issue.
Alerts uses alert sinks containing alerts collected from security services, such as:
- Cloud Security Posture Management (CSPM)
- Data Security Posture Management (DSPM)
- Kubernetes® Security Posture Management (KSPM)
- Threat Detector (TD)
- Vulnerability Management (VM)
- YCDR
On the alert page, you can run an AI analysis of the alert. The AI assistant will help you fix your configuration issue, taking the alert's context and parameters into account. In addition to its recommendations, the AI assistant will prepare a summary and explain the substance of the alert.
To streamline operations with a large number of alerts, the module supports visual grouping, search, and filtering. These features enable you to:
- Quickly find alerts of a certain type.
- Filter alerts by source to analyze threats by their impact on infrastructure.
- Assess the scale of data for analysis and investigation.