What is a one sentence summary of your feature request?
Create Threats in Threat Manager by specifically referencing a policy in Threat Prevention
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
Currently, selecting a Threat Prevention policy disabled the ability to create a custom threat.
There’s more grouping and customization options when creating a policy in SI compared to TM: examples: there’s a group of 200+ attributes that can be excluded from a policy. You can reference perpetrator OUs in SI.
How do you currently solve the challenges you have by not having this feature?
Creating Threats is much more labor intensive but still possible
Hey @brandon.west, I think this would be more applicable to Netwrix Threat Manager with a Threat Prevention integration, right? When you have an investigation configured with a Threat Prevention policy as a filter you want to save it as a custom threat? If so, I think we’d want to move this over to the Threat Manager team.
If my understanding is incorrect, could you clarify on what we’d want to implement within Threat Prevention?
Hi @kevin.joyce you are correct. I posted this to the wrong product. It should be Threat Manager.
Thanks! Moved this over to the Threat Manager community page for product management review.
1 Like
Hi, I will have the team review this request then likely slate it for a release. I believe this is happening because we don’t allow custom threats when a user switches to the NTP database as a data source.
We will look into this, thanks.