Breadcrumbs

Application Settings

Last updated: mar 26, 2025

Overview

Application Settings allows users to customize nearly all aspects of D3 and the user experience. Changes take effect immediately. Access the Application Settings module by clicking the gear icon in the lower-left corner of the configuration navigation bar.

The configurable options in the Application Settings module are:

Ad Hoc Task Configuration

Add to a list of task types. These are used to label Ad Hoc Tasks in an incident response.

Frame 95-20240929-215406.png

Dashboard Columns

Users can add custom columns and configure default display columns for event and incident lists in the Investigation Dashboard to improve the investigation workflow.

Frame 96-20240929-220918.png

In the Application Settings interface, users can sort displayable columns by name, type, display order, and visibility for easier management. Users can also modify column display order and toggle column visibility.

Frame 97-20240929-221103.png

Adding a Custom Column to the Event Dashboard

  1. Navigate to the Event Dashboard tab and click on the + Custom Column button.

cQH8F00DeUMB3wDkdQuMFpgPwgjuqO7TGXMUToXVHvqhl8xNL6gBRFUiKNZ5OhdBpYLbShzYtPoVvn2rhKI9vV48TZJ74pT77NthNbgc26NEQWXvnYgRPTvP_GyKKVdaxkOF5_PFdCHvflz-jTPNa7c

  1. Select a field name to use as the column name. The field name can be configured in Event Field Mapping.

  2. Specify a display order for this column. 0 means it is the first from the left. 

  3. Determine whether its visibility is toggled on or off in the default view and click Save. 


iwmEkOcVfi5CKuedeO2EO_aXyEcLGuB2Grv3v6I3p6EqL0cE9qNwNeg4othCucWS6ERNLfKmw-x2q3gOkD_PG4R6zZtaCXh5SYT-KNPIkxmQmo1d1kkcdjSkO-9tBcq_KjrFQcR8cQOcqLs6X5eseNs



The saved custom columns will appear in the event dashboard. 

Adding a Custom Column to the Incident Dashboard

  1. Navigate to the Incident Dashboard tab and click on the + Custom Column button.

be82f80b-9be7-49ea-86e2-51d1cd412821.png

  1. Select an incident type, it is configured in the Incident Form Editor.

  2. Choose a section that is found in the incident type.

  3. Select a column name from the dropdown. The column name is an activity or an info activity of a section. 

  4. Specify a display order for this column. 0 means it is the first from the left. 

  5. Determine whether its visibility is toggled on or off in the default view and click Save.

DKrN_m9qHvbb66O1GvdiJCrzNYqsnQ_LENjNiZsw-U0Cfd07--OrEbxfNkIKGBYVUsuBjforwwrLBfo2Ft2QMClB5jkvhHSCgL9G7450WFohNkYYc39EdJ8OeqQkZp9moqAPcrh0AtUFjrKF6L-OrR4

The saved custom columns will appear in the incident dashboard.

Deleting a Custom Column

Only custom columns can be deleted. To do so, click on the trash can icon at the end of the row. 

READER NOTE

editing the Display Order or Show in Default View will only apply to newly created users. Existing users' display order and column visibility will not be affected. 

Logo Customization

Use this feature to customize the default logo displayed in Incident Reports and Send Email templates, as well as the company URL shown in the incident report header.

Frame 98-20240929-221625.png

Uploading and Previewing a Logo or URL

In a new vSOC environment, the D3 logo and URL are default placeholders. Replace them by clicking Replace Logo, uploading a PNG or JPG logo, and entering the preferred URL.

Frame 100-20240929-223254.png

Click on the images to preview how the logo or URL will appear on the incident report or send email template.

image 280-20240929-224031.png

Email Domain Whitelist

The Email Domain Whitelist is a list of approved email domains for adding new users. The domain of a user's email address must be added in the email domain Whitelist for user creation.

Email domains must contain a top-level domain, and cannot contain the @ symbol.

For example: admin@d3.com, the email domain is "d3.com"

Set up the Email Domain Whitelist at the beginning of the D3 system configuration.

READER NOTE

If no email domains are added to the Email Domain Whitelist (i.e. the Email Domain Whitelist is empty), all domains are permitted.

Frame 101-20240929-224313.png

Temporary Login Lock

image 284-20240929-224511.png

This setting allows users to configure the number of permitted login attempts and define the lockout duration once the failed attempt limit is exceeded.

image 284 (1)-20240929-224729.png


Edit the Setting of Each Site

Each site has a default configuration of three login attempts and a 120-minute lockout period. Users can view and edit each site’s settings through the Site drop-down menu.

att_7_for_15696046.png


Apply Settings to Sites

After configuring the settings, users can apply them to the current site by clicking the Save button in the upper-right corner or apply them to other sites if they are an MSSP.


  1. Click on the Apply to Sites button.


att_8_for_15696046.png


  1. Choose Site(s) to publish the settings to.

  2. Click on the Save button to confirm all changes.

READER NOTE

If the current site is deselected when applying settings, changes will not be applied to that site.

Frame 102-20240929-225254.png

Enforce Password Policy

This setting defines how many unique new passwords must be used before an old password can be reused. It also allows users to set minimum and maximum password lengths.

Frame 103-20240929-225608.png

SLA List

This is where service-level agreement (SLA) options in JSON format are added for use in SLA tasks within the playbook editor. Options configured here will be available in the SLA playbook task.

Frame 104-20240929-225814.png

SLA configuration in Application Settings

image 292-20240929-230338.png

SLA Task in Incident Playbook

image 293-20240929-230058.png

Web Config

Web configurations are global settings that users can view and modify. Each setting includes a detailed description to assist with configuration.

All changes here will apply to the entire system, across multiple Sites (for MSSPs).

View Web Config Items

image 297-20240929-231303.png
image 298-20240929-231323.png
image 299-20240929-231338.png
image 300-20240929-231402.png

Password Expiration Check

READER NOTE

This feature is not enabled by default. Contact the D3 Security support team to enable the Password Expiration Check feature.

The password expiration check feature allows the system admin to set a password reset period. When enabled, users must reset their passwords within the specified period of time to ensure security. Every newly created user must reset their log-in password after enabling this feature.

Once this feature is enabled, the PasswordRestPeriod will show in the web config.

Setting the Password Reset Period

Frame 105-20240929-233209.png

  1. Navigate to Configuration

  2. Click on Application Settings tab

  3. Open the Web Config

  4. Set the number of days under the PasswordRestPeriod

E.g. PasswordResetPeriod: 365. The user must update the password after 365 days to log in to vSOC again.

If the password exceeds the set time, it will redirect every user to the Reset Password page upon login, to reset their password.

image 302-20240929-233534.png

READER NOTE

When updating vSOC from a version without this feature, the password reset time will be reset as well, with the counter beginning again on the day of the update.

Date/Time Format

Date/Time Format allows users to set the default format for displaying date and time in D3. This system-wide default is applied across the platform.

Users can override the default date/time format when configuring specific modules or within Site Settings.

Frame 106-20240929-233754.png

SMTP (Simple Mail Transfer Protocol) Server and Email

Configure the SMTP Details in order to send emails from the D3 platform.

Frame 107-20240929-234027.png

Sorting Options

Users can select how the officer name list is sorted when creating or editing an incident report.

Frame 108-20240929-234154.png

Master Instance Registration (Tenants Only)

  1. Generating a key to connect a tenant instance with the master instance.

  2. Copy the key to use when adding a tenant in the master instance.

READER NOTE

Each key is single-use and expires after one hour.

Frame 109-20240929-234402.png

Update MITRE Tactics and Techniques

Ensure MITRE tactics and techniques remain current by clicking the Update TTP button to fetch the latest updates. A table displays the history of past updates and their results.

Frame 110-20240929-235205.png