Incident Management: Configure Integration Setting to Manage Incidents in Security Analytics

Document created by RSA Information Design and Development on Jul 27, 2016Last modified by RSA Information Design and Development on Jul 27, 2016
Version 2Show Document
  • View in full screen mode
 

You have to configure system integration setting to manage incidents in Security Analytics. You can enable integration with:

  • IT helpdesk ticketing system that helps you push remediation tasks as helpdesk tickets.
  • RSA Archer that helps you to push the remediation tasks to the Archer target queue and to report data breaches and track them through the breach response process in the RSA Security Operations Management solution. 

Procedure

To configure integration settings to manage incidents in Security Analytics:

  1. In the Security Analytics menu, select Incidents > Configure.
  2. Select Integration.
    The System Integration Settings view is displayed.
    system_integration_im.png
  3. Select Manage Incident Workflow in RSA Security Analytics.
  4. Select one or more of the following options:
  • Allow Analysts to escalate remediation tasks for the Operations target queue as tickets - This enables you to push remediation tasks as help desk tickets and track them to closure.
  • Allow Analysts to escalate remediation tasks for the GRC target queue as Findings - This enables you to escalate and push remediation tasks to the Archer target queue with additional information that helps in tracking it to closure.
  • Allow Analysts to report data breaches and trigger the breach response process in the RSA Security Operations Management solution - This enables you to report a data breach and track it through the breach response process in the RSA Security Operations Management solution.
  1. Select Apply to save the configuration settings.
You are here: System Integration > Incident Management: Configure Integration Setting to Manage Incidents in Security Analytics

Attachments

    Outcomes