icon-itdr.svg
ITDR

Configuring an Endpoint Credential Scan Notification

You can configure an endpoint credential scan notification to generate emails after endpoints are scanned for exposed credentials and the executive summary report is generated. Emails are sent to the configured users with the executive summary report for further analysis and remediation.

To configure an alert notification for an endpoint credential scan:

  1. Go to ITDR > Notifications > Configure.

  2. Click Configure Notification.

  3. In the Configure Notifications window:

    1. Select Enabled.
    2. Name: Enter the name of the notification.
    3. Alert Type: Select Credential Scanning from the drop-down menu.
    4. Send Notification Every: Select the notification frequency (Daily, Weekly, Monthly, or Quarterly).
    5. Trigger Time: Select a time to trigger the notification.
    6. Users: Select one or more email recipients or users from the drop-down menu.

  4. Click Save.

    The endpoint credential scan notification is configured.

After the endpoints are scanned, the users receive an email with the executive summary report. You can leverage this report to identify credential exposure risks, prioritize what issue to focus on first, and mitigate issues before the credentials are compromised.

Related Articles
About NotificationsConfiguring an Active Directory Posture NotificationConfiguring an Active Directory Change Detection NotificationConfiguring an Endpoint Credential Scan NotificationConfiguring an Entra ID Posture NotificationConfiguring an Entra ID Change Detection NotificationEditing or Deleting a Notification