Incidents

The Incidents tab.The Incidents tab shows a grid with the following details.

  • Incident ID - The ID of the incident. Click on this link to view the incident details.
  • Title - The ticket title.
  • Severity - Severity of the incident.
  • Type - The incident type.
  • Detected Date - Date the incident was first observed.
  • Submitter - Name of the person who recorded the incident.
  • Awaiting Action By - Name of the person with pending action.
  • Status - Current status of the workflow associated with the incident.
  • Risk - Severity of the risk.

Click New to create a new incident

Select an incident and click:

  • Assign to associate an existing incident with the selected threat.
  • Remove to disassociate an incident from the threat.

Select an incident to view the Incident Details window.The Incident Details window.

Select the Threats tab to view a list of threats arising from the incident. Threats must be manually assigned to incidents.The Threat Details page.

The Threat Details page includes the following information:

  • Source - Threat feed provider.
  • Identifier - ID assigned by threat intelligence provider.
  • Title - Descriptive name of the threat intelligence.
  • Threat Type - The type of threat.
  • Risk - The severity of risk from the threat.
  • Status - The current status of the threat incident.
  • Owner - The owner responsible for taking action on the threat incident.
  • Last Updated - The date when the threat incident was last updated.