Incident Management: The Basics

Document created by RSA Information Design and Development Employee on Oct 24, 2017Last modified by RSA Information Design and Development Employee on Jan 29, 2018
Version 2Show Document
  • View in full screen mode

In Security Analytics menu, select Dashboard > Incidents. The various sections of the Incidents module are displayed.

The following figure depicts the Incidents module displayed in the Security Analytics user interface.


  1. Queue -  In the Incident Queue you can see a list of all incidents assigned and unassigned. You can filter incidents, view incident details, investigate incidents, and track them to closure.
  2. Alerts - In the Alerts view you can see a list of alerts collected from various sources. You can browse through various alerts, filter them, and group them to create incidents.
  3. Remediation - In the Remediation view, you can see a list of all remediation tasks created for various incidents. You can manage and track the remediation tasks, and push them to helpdesk if required and track the incident to closure.
  4. Configure - In the Configuration view you can configure notification settings, third party system integration for incident management, set up aggregation rules to automate the incident management workflow for automatically creating incidents.
Next Topic:Review Alerts
You are here
Table of Contents > Incident Management Process > The Basics