Security Incident Response Overview dashboard

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 12분

    • The Security Incident Response Overview dashboard provides an executive view into security incident activity, providing trends and reports, and drill-downs into specific data.

    The Overview module displays security incident information that is tailored to the role of the user. You can point to any part of a chart (bar, pie, data point, heatmap, and so on) to view general data specific to that part. See the following image. If you click any part of a report, a list opens to provide detailed information.
    그림 1. Trend of All Security Incidents
    Sample report from Security Incident Manager Overview

    Security Incident Manager Overview

    Users with the Security Incident Administrator and Security Incident Manager roles view the Security Incident Manager Overview. It contains the following reports in the base system.
    표 1. Security Incident Manager Overview reports
    Name Visual Description
    Team Critical Security Incidents Single score The number of critical security incidents assigned to the team.
    Team High Security Incidents Single score The number of high security incidents assigned to the team.
    SLAs expiring within 24 hours Single score The number of SLAs that expire within the next 24 hours.
    Risk vs Severity Heatmap The distribution of security incidents assigned to the team by risk and severity.
    Security Incidents by CI Class, last 3 months Bar chart The count of security incidents assigned to the team by configuration item class.
    Trend of All Security Incidents Trend Plots the count of the number of security incidents received by category or priority.
    Unauthorized Access Security Incidents Bar chart Displays the types of security incident categories received over time.
    Average Time to Contain Single score The average time it takes to contain all security incidents.
    Average Time to Contain Critical Single score The average time it takes to contain all critical security incidents.
    Average Time to Identity Single score The average time it takes to identify all security incidents.

    Security Analyst Overview

    Users with the Security Incident Analyst role view the Security Analyst Overview. It contains the following reports in the base system.
    표 2. Security Analyst Overview reports
    Name Visual Description
    My Critical Priority Work Single score The number of critical security incidents assigned to me.
    My High Priority Work Single score The number of high security incidents assigned to me.
    My SLAs expiring within 24 hours Single score The number of SLAs assigned to me that expire within the next 24 hours.
    Security Incidents assigned to me Bar chart Security Incidents assigned to me by incident state or category.
    Work assigned to me by Type Bar chart Security tasks (incidents, tasks, or requests) assigned to me by type or priority.
    Security Incidents, Requests, Tasks assigned to me List A list of all security incidents, security requests, and tasks assigned to me.
    Security Incident Location Map Regional location of the security incidents.
    Count Map Number of security incidents per region.
    Min/Max Count Color Spectrum Bar The minimum and maximum numbers of security incidents per region represented by a color spectrum bar.
    Percentage of Count Map Percentage of the total incident count per region.

    Security Incident CISO Overview with Security Incident Analytics activated

    When the Security Incident Analytics plugin is activated, users with the Security Incident CISO and System Administrator roles view the Security Incident CISO Overview. The following CISO reports are provided in the base system.
    표 3. Security Incident CISO Overview reports (with Security Incident Analytics activated)
    Name Visual Description
    New Security Incidents This Week Single score The number of new security incidents received in the current week.
    Security Incidents Closed This Week Single score The number of security incidents closed in the current week.
    New Security Incidents (Running 7 Days) Single score The number of security incidents opened within the last 7 days.
    Security Incidents Closed (Running 7 Days) Single score The number of security incidents closed within the last 7 days.
    Daily New Security Incidents vs Closed Security Incidents Trend New and Closed security incident counts over time by day.
    Weekly New Security Incidents vs Closed Security Incidents Trend New and Closed security incidents over time by week.
    Security Incident Close Code Trend Full count of closure codes over time.
    Security Incident Business Impact Treemap Business services with security incidents with available groupings by business criticality.
    Average Time to Contain (Weekly) Trend The 7-day average time it takes to contain a security incident over time.
    Average Time to Eradicate (Weekly) Trend The 7-day average time it takes to eradicate a security incident over time.
    Average Time to Identity (Weekly) Trend The 7-day average time it takes to identify a security incident over time.
    Security Incident Location Map Regional location of the security incidents.
    Count Map Number of security incidents per region.
    Min/Max Count Color Spectrum Bar The minimum and maximum numbers of security incidents per region represented by a color spectrum bar.
    Percentage of Count Map Percentage of the total incident count per region.

    Security Incident CISO Overview without Security Incident Analytics activated

    When the Security Incident Analytics plugin is not activated, users with the Security Incident CISO and System Administrator roles view the Security Incident CISO Reporting Overview. The following CISO reports are provided in the base system.
    표 4. Security Incident CISO Overview reports (without Security Incident Analytics activated)
    Name Visual Description
    New Security Incidents This Week Single score The number of new security incidents opened in the current week.
    Security Incidents Closed This Week Single score The number of security incidents closed in the current week.
    New Security Incidents (Running 7 Days) Single score The number of security incidents opened within the last 7 days.
    Security Incidents Closed (Running 7 Days) Single score The number of security incidents closed within the last 7 days.
    Weekly New Security Incidents Trend The new security incidents opened on a weekly basis.
    Weekly Closed Security Incidents Trend The security incidents closed on a weekly basis.
    Security Incident Close Codes Trend Security incident close codes over time.
    Business Services with Security Incidents - Business Impact Treemap Business services with security incidents with available groupings by business criticality.
    Average Time to Contain Single score The average time it takes to contain all security incidents.
    Average Time to Contain Critical Single score The average time it takes to contain all critical security incidents.
    Average Time to Identity Single score The average time it takes to identify all security incidents.
    주:
    The Security Incident Response base system includes Performance Analytics Solutions for displaying preconfigured best practice dashboards. The dashboards present important metrics for analyzing your Security Incident Response process, such as new security incidents or the average age of open security incidents. For more information and installation instructions, see Security Incident Response Platform Analytics Solutions.