Categories for Security incident response

Go to solution
Barry11
Kilo Contributor

‎04-28-2022 01:58 PM

Hi, my organization is working to mature our Security incident process and are a relatively new team in terms of using Security Incident Response.  I'm wondering if there's an "out of box" list of security incident categories (like malware, email, vulnerability etc) or if there's a recommended list of Security incident categories that others use that might be helpful.

Thanks

Labels:
0 Helpfuls
  • 2,471 Views
1 ACCEPTED SOLUTION

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎04-29-2022 03:12 AM

Hi,

I have attached all of the OOB Categories and Subcategories for SIR.

 

View solution in original post

Preview file
13 KB
3 REPLIES 3

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎04-29-2022 03:12 AM

Hi,

I have attached all of the OOB Categories and Subcategories for SIR.

 

Preview file
13 KB

Go to solution
Barry11
Kilo Contributor
In response to Chris McDevitt

‎04-29-2022 09:10 AM

This is exactly the info I was looking for!  Thank you so much.

0 Helpfuls

Go to solution
Stephen Laseau
Kilo Guru

‎04-29-2022 05:22 AM

Also note that there are corresponding workflows you can use to implement your runbooks.