Escalations
By defaut, all chat ops have a delay time of 10 minutes. If the user has not responded in 10 minutes we escalate to their manager, and if the same happens with the manager, we continue processing with a suspicious verdict. You can modify the escalation delay and choose what verdict to use on timeout underneath Settings > Chat Ops.Security Team
You can communicate with your security team via chat ops as well, so they don’t have to log in to the Wirespeed UI to respond to every case. This settings can be modified underneath Settings > Chat Ops. If disabled, case escalations will be alerted via email and triagable via the UI. Chat Ops escalations sent to the security team will not be subject to the escalation delay and will wait indefinitely for a response via chat or UI.Multi-factor Verification
After a chat ops message is sent you can optionally require the user to verify their identity over SMS. This helps protect your organization in cases where the user’s account has already been compromised. When this setting is enabled, the user will be texted an SMS code to verify their identity after they respond to our chat ops message. If no mobile phone number is identified for the user or this setting is disabled, we will message their manager and require verification from them instead.FAQ
What happens if a user doesn't respond to a chat ops message?
What happens if a user doesn't respond to a chat ops message?
If a user doesn’t respond within the escalation delay (default: 10 minutes), Wirespeed escalates to their manager. If the manager also doesn’t respond within the escalation delay, the detection proceeds with a suspicious verdict (or your configured timeout verdict).
Can I customize the escalation delay time?
Can I customize the escalation delay time?
Yes. Navigate to Settings > Chat Ops to modify the escalation delay time and choose what verdict to use when chat ops times out without a response.
What communication channels does Wirespeed use for chat ops?
What communication channels does Wirespeed use for chat ops?
Wirespeed can send chat ops messages via Email, Slack, Microsoft Teams, and SMS. We initially message users through all available communication channels to maximize response rates.
What if the user's account is already compromised?
What if the user's account is already compromised?
If SMS MFA verification is enabled, users must verify their identity with a code sent to their phone after responding to a chat ops message. This helps ensure a compromised account cannot falsely claim activity is legitimate. If no phone number is available, verification is escalated to the user’s manager instead.