View Categories

Notifications

Notifications #

myOrbik provides two main types of notifications: system notifications and email notifications.

System Notifications #

System notifications are messages that appear as a bell icon in the upper-right corner of the myOrbik interface. These notifications are designed to alert users about various events such as the completion of scan reports, platform updates, or other important system events. They provide real-time feedback on the status of ongoing operations within the platform.

Email Notifications #

There are two primary types of email notifications sent by myOrbik:

  1. License Expiry Notification
    This email alerts users when their current subscription license is nearing expiration, giving them sufficient time to renew and avoid any service interruptions.
  1. New or Modified Vulnerabilities Alert
    This email notifies users of any newly discovered or modified vulnerabilities identified in any of the products registered within the platform. The email will be sent to the addresses specified under the “Recipient of the email” section in the settings. These vulnerability-related email notifications are configurable based on several criteria. Users can choose to receive alerts for:
      • New CVEs (Common Vulnerabilities and Exposures) discovered
      • Updates to existing CVEs
      • Alerts when CVSS (Common Vulnerability Scoring System) exceeds a specified threshold

The frequency of these vulnerability-related email notifications is fully customizable by the user. While vulnerability scans in the background are performed daily, ensuring that the system is up-to-date with the latest vulnerability data, users have the flexibility to choose how often they receive the related email notifications. The options include:

  • Daily
  • Weekly
  • Monthly

This enables users to stay informed about the vulnerabilities affecting their products while controlling the volume of notifications they receive.

Special Notification Triggers: Policies and SLAs #

In addition to the standard notification system, myOrbik provides special notification triggers through Policies and SLAs (Service Level Agreements). These triggers enable more granular control over how and when notifications are sent.

SLAs (Service Level Agreements) #

SLAs define the maximum amount of time that an organization is willing to tolerate for addressing vulnerabilities in different severity categories. These timeframes are critical for ensuring that vulnerabilities are mitigated within acceptable limits.

For example, if an organization sets an SLA of 3 days to address high-severity vulnerabilities, this means that once a high-severity vulnerability is identified, the organization has 3 days to take action before a notification is triggered. This helps ensure that critical vulnerabilities are prioritized and managed promptly.

The SLA configuration can be applied to each vulnerability category, such as Critical, High, Medium, and Low, and can trigger notifications when the timeframe is exceeded. In the case above, if the organization does not act within 3 days to mitigate a high-severity vulnerability, an email notification will be sent based on the defined SLA policy.

Policies #

Policies in myOrbik are another way to trigger notifications based on specific conditions. Policies can be highly customizable, allowing organizations to define detailed conditions for when a notification should be sent. Common conditions for policies include:

  • Severity: The severity level of the vulnerability (e.g., Critical, High, Medium, Low).
  • Vulnerability ID: Specific identifiers for known vulnerabilities (e.g., CVE IDs).

Policies can be configured to trigger notifications when certain conditions are met. For instance, if a Critical vulnerability is found, a policy could trigger an immediate notification. There are different policy statuses to categorize the outcome of the policy check:

  • Inform: The policy is notifying you about a situation, but no action is required. This can serve as a warning or an informational alert.
  • Success: The condition set in the policy has been met and the action was successfully taken or completed.
  • Error: An issue or error has occurred, and the condition was not met. This status can trigger error notifications to inform the user of potential problems.

Email Notifications Triggered by Policies or SLAs #

Both Policies and SLAs can trigger email notifications. For example, if an SLA is exceeded for a high-severity vulnerability, or if a policy condition (like severity or vulnerability ID) is met, an email notification will be sent to the designated recipients. This ensures that users are always aware of critical issues and can take prompt action.

These special triggers give organizations the ability to fine-tune their notification settings based on operational requirements, ensuring they stay compliant with internal timelines and risk management policies.

Powered by BetterDocs