Categories for Security incident response

Barry11
Kilo Contributor

Hi, my organization is working to mature our Security incident process, and we are a relatively new team in terms of using Security Incident Response. I'm wondering if there's an "out of box" list of security incident categories (like malware, email, vulnerability, etc.) or if there's a recommended list of Security incident categories that others use that might be helpful.

Thanks

1 ACCEPTED SOLUTION

Chris McDevitt
ServiceNow Employee

Hi,

I have attached all of the OOB Categories and Subcategories for SIR.

 


3 REPLIES

This is exactly the info I was looking for!  Thank you so much.

Stephen Laseau
Kilo Guru

Also note that there are corresponding workflows you can use to implement your runbooks.