All ideas

It would be helpful to our IT Security team to be able to submit and email support that would automatically create an incident ticket for SOC to review.

When a ticket has been identified as malicious, have the information relating to any threat actor activity clearly called out and visible on the Details or Overview section. Due to the amount of information added to a ticket as part of an investig...

Due to the length of some of the incident names and security posture recommendations, some customers have requested either column resizing or overflowing onto multiple lines to accommodate the length for readability purposes. Currently views only ...

We would like more granular control over Clarity email notifications. Specifically, we want to be able to disable email notifications for CST / alerts that are reassigned directly to us, and only receive email notifications for incidents that have...

The Clarity Automation offers a wall of KQL in the ticket comments which is messy. I feel this should be separated to another tab (perhaps "evidence" as an option?) so the comments can be maintained as a cleaner location for comments.

We have Entra Verified ID already within the organisation and this can be extended to our customer base to allow them to verify QC staff are who they say they are when interacting (I understand customers are asking for this already). We have the i...

One thing our customers would find really useful is having an Or option in the Filters. As an example, reviewing Cyber Incidents which are either in Customer Action OR have a P1 priority.

On the Cyber Incidents page (which currently lists ID, Priority, Status, Title, Assignee, Type, Resolution, Cause, Created), please add a “Security Analyst” field. Reasoning: The current Assignee field is sometimes blank when incidents are resol...

An incident maybe raised as a P1, over the life of the ticket it might be realised that that was incorrectly raised as a P1. We need the ability for the Severity to be changed to be actually reflective of what it is.

So the idea is to sync assignee of the incident on Clarity to Microsoft Sentinel's respected incident bidirectionally. If someone starts working on an incident on Clarity and assigns the same to themselves, respected incident on Sentinel side will...