Some RocketApps allow configuration to your environment's needs. These configurations allow you to specify what threat types to monitor for or exclusions to reduce false positives. To configure a RocketApp, click on Configure for the relevant Rocket App.
Apps can be configured based on the hierarchy of your RocketCyber account, inheriting from parent configurations. Configurations made at the Device level will supersede configurations made at the Customer level, which will supersede configurations at the MSP level.
For example, if you want to enable the Advanced Breach Detection T1007 - System Service Discovery across your organization, you can make that configuration modification at the MSP level. All Customers and devices within that MSP's context will now have T1007 enabled. If you found that one Customer, or a single Device should not have T1007 enabled, you could then turn it off within that context.
Modifications of a configuration at higher level contexts will be reflected at the lower level contexts unless a modification has been explicitly made at that lower context of the same configuration value.
The inherited configuration that a device is running can be viewed by accessing the configuration for the relevant RocketApp under that device's App section.