Incident Management: Configure Setting to Manage Incidents in SA

Document created by RSA Information Design and Development on Jul 20, 2016
Version 1Show Document
  • View in full screen mode
 

You have to configure system integration settings to manage incidents in Security Analytics. You can enable integration with:

  • IT helpdesk ticketing system that helps you push remediation tasks as helpdesk tickets.
  • RSA Archer that helps you to push the remediation tasks to the Archer target queue and to report data breaches and track them through the breach response process in the RSA Security Operations Management solution. 

To configure integration settings to manage incidents in Security Analytics:

  1. In the Security Analytics menu, select Incidents > Configure.
  2. Select Integration.

    The System Integration Settings view is displayed.

  3. Select Manage Incident Workflow in RSA Security Analytics.
  4. Select one or more of the following options:

    • Allow Analysts to escalate remediation tasks for the Operations target queue as tickets - This enables you to push remediation tasks as help desk tickets and track them to closure.
    • Allow Analysts to escalate remediation tasks for the GRC target queue as Findings - This enables you to escalate and push remediation tasks to the Archer target queue with additional information that helps in tracking it to closure.
    • Allow Analysts to report data breaches and trigger the breach response process in the RSA Security Operations Management solution - This enables you to report a data breach and track it through the breach response process in the RSA Security Operations Management solution
  5. Select Apply to save the configuration settings.
You are here: System Integration > Configure Integration Setting to Manage Incidents in Security Analytics

Attachments

    Outcomes