Threat feed
Acronis Cyber Protection Operations Center (CPOC) generates security alerts that are sent only to the related geographic regions. These security alerts provide information about malware, vulnerabilities, natural disasters, public health, and other types of global events that may affect your data protection. The threat feed informs you about all the potential threats and allows you to prevent them.
A security alert can be resolved with a number of specific actions that are provided by the security experts. Some alerts only notify you about upcoming threats and have no recommended actions available.
How it works
Acronis Cyber Protection Operations Center monitors external threats and generates alerts about malware, vulnerability, natural disaster, and public health threats. You can see all these alerts in the Cyber Protect web console, in the Threat feed section. Depending on the type of alert, you can perform the recommended actions for it.
The main workflow of the threat feed is illustrated in the diagram below.
To run the recommended actions on received alerts from Acronis Cyber Protection Operations Center, do the following:
1. In the Cyber Protect web console, go to Dashboard > Threat feed to check whether there are any existing security alerts.
2. Select an alert in the list and review the provided details.
3. Click Start to launch the wizard.
4. Enable the actions that you want to be performed and select the machines to which these actions must be applied. The following actions can be suggested:
- Vulnerability assessment – to scan the selected machines for vulnerabilities
- Patch management – to install patches on the selected machines
- Anti-malware Protection – to run a full scan of the selected machines
- Backup of protected or unprotected machines – to back up protected/unprotected machines
5. Click Start.
6. On the Activities page, verify that the activity was successfully performed.
Deleting all alerts
Threat feed alerts are automatically cleaned up after the following time periods:
- Natural disaster – 1 week
- Vulnerability – 1 month
- Malware – 1 month
- Public health – 1 week