Vedric LogoVedric

Configuring Alerts

Vedric generates alerts when user behavior crosses risk thresholds. Alert configuration ensures you only receive notifications meaningful to your environment.

Every business is different. What counts as unusual in one environment may be routine in another. Without tuning, alert systems either flood administrators with noise or miss real threats buried in legitimate activity.

Initial Setup During Onboarding

During deployment, the Vedric team works with each customer to establish baseline alert settings.

Defining which risk categories are most relevant to the business
Setting initial thresholds for severity levels (Low, Medium, High, Critical)
Identifying known software, workflows, or users that require exceptions
Configuring delivery preferences (dashboard only, email, integrations)

These initial settings are not permanent. They serve as a starting point that can be adjusted as real-world data flows in.

Threshold and Risk Levels

Vedric assigns each detected event a risk score. Alerts are triggered when scores exceed configured thresholds. Customers can control:

Global Sensitivity

The overall threshold for what qualifies as an alert-worthy event

Category-Level Tuning

Different thresholds for data exfiltration vs. access anomalies vs. policy violations

Severity Escalation Rules

Which alert levels get immediate notification vs. logged for review

Time-Based Adjustments

Different alert behavior during business hours vs. off-hours

Customer-Controlled Tuning

After initial setup, customers retain full control over alert configuration through the Admin Dashboard. Changes take effect immediately and do not require Vedric involvement.

Available Controls

  • Raising or lowering thresholds
  • Adding new exceptions for trusted applications
  • Adjusting notification routing
  • Enabling or disabling detection categories

Immediate Effect

All configuration changes apply in real-time. No waiting periods, no support tickets required. Your security posture adapts as fast as your business needs.

Handling Legitimate Unusual Behavior

Some employees perform tasks that look unusual but are part of their legitimate role. Vedric allows customers to:

User Whitelisting

Whitelist specific users for certain behaviors

Path Exceptions

Mark certain applications or file paths as expected

Role-Based Profiles

Define profiles that adjust detection context

When these configurations are in place, Vedric still logs the activity but does not treat it as anomalous. The record remains available for audit purposes.

Alert Transparency

Every alert includes full context:

What triggered the alert
Why it crossed the configured threshold
The behavior chain that led to the event
Recommended actions

Administrators can review alerts and mark them as resolved, escalated, or false positives. False positive feedback is used to refine future detection accuracy.

Ongoing Optimization Support

Vedric provides optional ongoing review sessions where customers can work with the Vedric team to:

Review alert trends over time
Identify patterns of noise or missed detections
Adjust configurations based on organizational changes

This is not required but is available for customers who want hands-on guidance.