Skip Navigation
Prioritized, noise-free cybersecurity alerts that eliminate complexity, reduce risk, and empower your team.

What is an ARO?

AROs—Actions, Recommendations, Observations—are the intelligent alerts that drive the clarity of Field Effect MDR. 

01

Actions

Actions represent an active or imminent threat, like an exposed remote desktop protocol port detected on the endpoint.

02

Recommendations

Recommendations are risks that may evolve into bigger issues if unaddressed, like a legacy operating system that needs replacing.

03

Observations

Observations flag early indicators of a threat, like a new inbox rule that's detected on a cloud account.
Field Effect's security analysts triage the alerts as they come in and weed out false positives. That saves our engineers a lot of time.
Full review
Rob Schenk (Chief Security Officer) – Intelligent Technical Solutions
The alerts that we get are valuable. It is stopping anything from happening before there is even an issue.
Full review
Emma Elkind (Cybersecurity Operations Manager) – Attitude IT
The ARO system provides easy explanations of issues detected and simple instructions for resolution.
Full review
VP of IT – RWAM Insurance Administrators Inc.
The system's ability to respond instantly to suspicious activities not only protects sensitive information but also provides peace of mind.
Full review
Service Desk Support Specialist – SupportMyMac
Rather than merely identifying a threat, the system goes a step further by providing actionable recommendations along with clear steps to take in response.
Full review
Deji Dayspring (Compliance Practice Lead) – Infinite IT
PeerSpot Logo
Breakdown of an ARO, including title of the issue, description, mitigation steps, and severity levels.

ARO Overview

Meet your AROs.

AROs are designed to be easy to understand, whether you're a seasoned cybersecurity expert or an L1 technician.

That's why any AROs that are generated contain:

  1. A clear name of the issue.
  2. One-click buttons to close the ARO once resolved or to request expert help.
  3. Priority details—including alert type, severity, and status.
  4. A description of the issue, always in plain language and without any jargon or unnecessary complexity.
  5. Step-by-step instructions to resolve the issue. 
Explore more about AROs

Silence the noise.

Field Effect MDR filters out 99% of cybersecurity alerts, so you only receive notifications that matter.

By digesting and correlating data from across the threat surface, Field Effect MDR distills hundreds of cybersecurity events into a handful of AROs. 

Instead of dealing with false positives and unnecessary noise, AROs empower your team to focus on real issues faster and with greater precision.

And because every alert is prioritized and labeled as either an Action, Recommendation, or Observation, your team will know exactly which alerts need attention first.

See how AROs work
For every 30 million events, 600 alerts are generated by machine learning, artificial intelligence, and discrete analytics. 1 ARO issued to the end user.
Field Effect MDR Active Response Profile Options

Accelerate the response.

With advanced analytics deployed directly on the endpoints, Field Effect MDR assesses and responds to anomalous activity quickly.

With Active Response functionality, Field Effect MDR takes steps to address the threat according to the user’s chosen profile:

  • Limited
  • Balanced
  • Aggressive

In all scenarios, Field Effect MDR will also issue a near-real-time ARO detailing the events. Rest easy knowing if threats happen after hours or on weekends, you are protected.

Learn about Active Response

benefits

Why AROs?

AROs deliver a clear, highly efficient means to secure clients and reduce risk. AROs are written in plain language with check-box style instructions for remediation. Teams understand exactly what to do, and in what order, to resolve threats effectively.

Backed by experts

  • Benefit from the combination of threat hunting, ML-based algorithms, advanced analytics, and human intelligence 
  • Spend less time investigating redundant alerts and false positives 
  • MSPs can protect more clients with the same staffing levels

Detect more than attacks

  • Detect and address vulnerabilities early to prevent attacks outright
  • Enhance your cybersecurity offering with a proactive approach
  • Keep track of overall risk impact with simplified, intuitive reports

Easy-to-follow resolutions

  • Save staff time that would’ve been spent troubleshooting
  • Empower techs of all levels to oversee cybersecurity
  • Work with experts as an extension of your team if required during mitigation 

Streamline workflows

  • Choose how you manage AROs: through text, email, mobile app, or your Field Effect MDR dashboard
  • Integrates seamlessly with Autotask, ConnectWise, and HaloPSA
  • Access supplemental alert data for MDR Complete customers

Field Effect MDR demo

Manage risk with Field Effect MDR.

See how our MDR solution:

  • Simplifies cybersecurity protections.
  • Cuts alerts noise to focus on threats that matter.
  • Delivers experts to help manage risk proactively.

“I suggest getting a demo. It is quite impressive...It covers everything.”

Manager

Digital Customer Engagements – Reseller

Related Resources

Get to know Field Effect MDR better. 

Decorative Featured Image

Video

Field Effect's Dark Web Monitoring

See how Field Effect's Dark Web Monitoring mitigates the risk of attack when your company's sensitive data is found...
Decorative Featured Image

White Paper

2024 MDR Data Quadrant Report

The latest 2024 Data Quadrant Report confirms Field Effect MDR as a leader, achieving top scores in threat detection,...
Decorative Featured Image

Webinar

The Four-Part Formula to Preventing Cyberattacks

Cybersecurity efforts shouldn't begin after a compromise happens. It starts a few steps earlier than that, by...

Get Started

Secure your business today.

Businesses of all sizes should have access to world-class cybersecurity. With Field Effect, they do.

Get a demo
Decorative Cube