AuthPoint Incidents in ThreatSync
We are excited to announce a new beta feature for ThreatSync!
AuthPoint Incidents in ThreatSync
This feature enables you to view and manage AuthPoint incidents in ThreatSync. AuthPoint sends incident data to ThreatSync in the form of Credential Access events. These Credential Access incidents are available:
- Login attempts with incorrect password
- User received too many push notifications
- Authentication denied by AuthPoint policy
- Token blocked by too many failed authentications
- User disabled push notifications
- Authentication attempt from an unknown user
Based on the type of Credential Access incident, you can use these remediation actions:
- Block user
- Block IP address
- Isolate device
To learn more or to report an issue, go to the ThreatSync Beta test community.
Before you submit your feedback, make sure to review the list of Known Issues.
We appreciate you testing these exciting new features. Thanks for your help in making our products better!
The WatchGuard Beta Team