From b31b16dcd08dcc567f5cf2924ddfb7b4c482e9a8 Mon Sep 17 00:00:00 2001 From: Nikita Varabei Date: Tue, 26 May 2026 10:08:14 -0500 Subject: [PATCH] docs: update Detections based on knowledge update "CRM status changes and detection configs" --- concepts/detections.mdx | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/concepts/detections.mdx b/concepts/detections.mdx index 04990bf..d7f62e0 100644 --- a/concepts/detections.mdx +++ b/concepts/detections.mdx @@ -41,6 +41,16 @@ Each detection contains: **Auto-Reporting Requirements:** Score must meet or exceed your medium threshold, detection source must be enabled, asset must not already be blocked, and asset must not have been previously rejected multiple times. +## Configuration + +Detection sources and their sensitivity levels are configured automatically based on your organization's settings and requirements. + + +**Automatic Configuration Updates:** Currently, only changes to your organization's priority level in the CRM automatically adjust threat detection configurations. Other CRM changes (such as subscription status changes from Active to Trial) do not automatically modify detection settings or other organizational configurations. + + +For custom detection requirements or to modify your detection configuration, contact your ChainPatrol representative. + ## Confidence Levels Detections are categorized into confidence levels based on your organization's thresholds: @@ -94,4 +104,4 @@ The system automatically handles duplicate detections to prevent alert fatigue: - Detection is the entry point, not the decision: A detection indicates potential threat, but review and approval are required before blocking to prevent false positives - Group IDs reveal campaign scope: When one detection links to multiple related assets, you can identify and report entire phishing campaigns instead of blocking sites one at a time - Threshold configuration balances coverage and noise: Lower thresholds catch more threats but require more review, while higher thresholds miss edge cases but reduce workload -- Deduplication across sources increases confidence: When multiple independent detection sources flag the same asset, it provides stronger evidence of malicious intent +- Deduplication across sources increases confidence: When multiple independent detection sources flag the same asset, it provides stronger evidence of malicious intent \ No newline at end of file