Incident Management: The Basics

Document created by RSA Information Design and Development on Jul 20, 2016
Version 1Show Document
  • View in full screen mode
 

In Security Analytics menu, select Dashboard > Incidents. The various sections of the Incidents module are displayed.

The following figure depicts the Incidents module displayed in the Security Analytics user interface.

incident_mgmt_functions.png

  1. Queue -  In the Incident Queue you can see a list of all incidents assigned and unassigned. You can filter incidents, view incident details, investigate incidents, and track them to closure.
  2. Alerts - In the Alerts view you can see a list of alerts collected from various sources. You can browse through various alerts, filter them, and group them to create incidents.
  3. Remediation - In the Remediation view, you can see a list of all remediation tasks created for various incidents. You can manage and track the remediation tasks, and push them to helpdesk if required and track the incident to closure.
  4. Configure - In the Configuration view you can configure notification settings, third party system integration for incident management, set up aggregation rules to automate the incident management workflow for automatically creating incidents.
You are here: Incident Management Process > The Basics

Attachments

    Outcomes