Custom Strategies

Available to Admins only

Custom Strategies allow organizations to inject domain-specific judgment into Dropzone’s investigation outcomes. These strategies influence how the AI SOC Analyst determines both:

• Conclusions: Malicious, Suspicious, Benign

• Priorities: Urgent, Notable, Informational

Custom Strategies are applied during the Report phase of an investigation and enable teams to:

• Override default interpretations of investigative findings

• Encode institutional policies and known patterns

• Provide consistent guidance for recurring or edge-case alert types

Custom Strategies are best suited for decision logic that applies broadly across investigations. If you find yourself encoding conditional logic, workflows, or policy enforcement, a Custom Strategy is likely the right tool.

To learn more about how to create great Custom Strategies read our Custom Strategies Best Practices Guide