0
1.0.1
Yokohama, Xanadu
Security analysts and managers can generate correlation insights for security incidents in the Security Incident Response Workspace.
Use this Now Assist skill to help you:
- Connect current security incidents to past events.
- Identify the affected users, configuration items (CIs), or observables (IP addresses and file hashes) from existing incidents and records as you triage your new security incidents.
Security analysts and managers can now generate correlation insights and see results in the Security Incident Response Workspace.
- Generate correlation insights from the Investigation tab in the Security Incident Response Workspace for a security incident in any state.
- Generate insights for multiple items simultaneously for Associated Observables, Configuration items (CIs), and Affected Users.
- Base your insights on any CIs or affected users for a security incident.
- Results are displayed in a modeless dialog that you can size and move.
This component is supported for the Xanadu and Yokohama releases.
Required plugins and products:
- Security Incident Response Workspace 1.7.9