Interventions are actions that are executed automatically when a trigger event occurs within SMARTFENSE.
Their main objective is to automate incident response processes and reduce reaction time to risky behaviors.
For example, when a user enters their credentials in a phishing simulation, the platform can execute actions such as sending a request to a webhook, invoking an API, or other configured actions.
Viewing the reports
In the Audits > Interventions section, you can consult all audit records associated with the executed interventions.
Each record includes the following information:
Date of the intervention
Trigger
User who originated the trigger
Action
This data allows the administrator to analyze which events triggered interventions and what actions were executed in each case.
Filters, search, and export
From this section, it is possible to:
Apply a start and end date filter to narrow the analysis period.
Use search by Trigger, User who originated the trigger, and Action.
Export the audit record table in Excel or CSV format for external analysis or formal audits.
You can review our workshop to learn in depth how to use this Interventions component.
💡 Best practices
Periodically review the reports to validate that interventions are executed correctly.
Use filters and searches to investigate specific incidents or risky behaviors.
Export the records for security audits or forensic analysis.
Ensure that the configured triggers and actions are aligned with the organization's incident response policies.