An incident is a set of events that require attention (for example, a possible attack). Incidents centralize the data and are typically made up of a correlated event, the associated events that triggered a correlation rule, asset details of the affected systems, vulnerability state of the affected systems, and any remediation information, if known. Incidents can be associated with a remediation workflow in iTRAC, if specified. An incident associated to an iTRAC workflow allows users to track the remediation state of the incident.
In the
tab, you can:Manage incident views
View and manage incidents and their associated data
Switch between existing incident views
For trademark and copyright information, see Legal Notices.