Using Kaseya MDR
The Using Kaseya MDR section explains how to work with the platform during day‑to‑day managed detection and response operations. It focuses on how alerts, investigations, and response actions are reviewed and handled in collaboration with the SOC, and how customers and partners review activity, follow escalations, and apply response decisions within the platform.
“…how alerts, investigations, and response actions are reviewed and handled in collaboration with the Kaseya SOC…”
The articles in this section focus on understanding MDR alerts and escalations, reviewing investigation context provided by the SOC, tracking response actions, and knowing when customer involvement or follow‑up action is required. They reflect how Kaseya MDR is designed to be used in practice: investigation and response are led by the SOC, with customers maintaining visibility and control over decisions and outcomes.
Use this section to understand:
- How MDR alerts and escalations surface security activity
- How to review investigation context and SOC findings
- How response actions are initiated, tracked, or approved
- How to understand resolution status and follow‑up expectations
- How MDR workflows differ from self‑managed investigation and tuning
This section does not explain how to onboard organizations, configure integrations, manage users, or tune detection logic. Those topics are covered in Getting started with Kaseya MDR, Account, access, and governance, and Detection and correlation.
Articles in this section are ordered by typical workflow, but they do not all need to be read in sequence. You may move between them as investigations and response activities evolve.
Articles in this section
This section includes the following articles:
- Exploring the dashboard: Explains how to use the dashboard for situational awareness, understand alert trends, and decide where to focus investigation or response next. The dashboard is used for orientation, not for investigation or response actions.
- Working with alerts: Describes how to review alerts, understand severity and context, and decide whether deeper investigation is required before taking action.
- Investigating activity using the Analysis page: Explains how to investigate alerts and related activity in a single, correlated view to understand scope, sequence, and impact before responding.
- Managing noise and signal: Explains how to reduce alert noise safely after investigation, including when to tune, suppress, or leave alerts unchanged.
- Managing repeated alerts: Walks through investigation‑first decision‑making for alerts that fire repeatedly due to expected behavior and explains when suppression is appropriate.
- Quiet mode overview: Explains how quiet mode affects default alert severity behavior and what alerts look like before tuning or suppression is applied.
- Alert suppression: Explains how suppression rules work in Kaseya MDR and how to configure them to reduce alert noise without stopping event collection.
- Suppressing alerts from Events (investigation‑based suppression): Explains how to suppress repeated alerts directly from investigation context after validation, while preserving visibility.
- Managing alert severity and detection tuning: Explains how to adjust severity and detection logic to improve signal quality when alerts are consistently low value across your environment.
- Creating high‑confidence alerts with Respond rules: Explains how to use Respond rules to surface meaningful patterns after investigation confirms that individual alerts are insufficient.
- Analyzing a Respond trigger: Explains how to review Respond rule triggers in context to confirm why a rule fired and whether it is behaving as intended.
How to use this section
Refer to Using Kaseya MDR:
- During daily security monitoring and alert review
- When investigating activity and validating context before response
- When deciding how to reduce noise without reducing coverage
- When introducing or evaluating Respond rules after investigation