You can use policies to determine how your end users are getting notified of new detections and which actions you wish to automatically execute for your end users.

Each server group has default reseller and default user policy settings. The default reseller policy applies to all reseller users and to all users of resellers. The default user policy applies to all users that have no intermediate reseller user. This distinction allows for the common case where the users of a reseller should be handled more conservatively. The admin user itself will use the default user policy (and not the default reseller policy as one might expect).

It is possible to override the policy on a per-user basis. This policy then applies to the user itself, but also for all children of this end user, e.g. if a reseller has policy A set, policy A will also apply to the reseller's users.

User level

Applicable policy (tried in order)


  1. Admin policy

  2. Default user policy


  1. Reseller policy

  2. Default reseller policy

user of reseller

  1. User policy

  2. Reseller policy

  3. Default reseller policy

user of admin

  1. User policy

  2. Admin policy

  3. Default user policy