Link the vulnerability assessment record to major security incident in Major Security Incident Management
You can link, propose or promote the assessment record to a Major Security Incident provided you have access to the Major Security Incident Management application.
Before you begin
Role required: sn_vul_analyst.vul_event_manager, sn_si.analyst, sn_msi.workspace_admin
About this task
You can move the assessment record to be associated with an existing major security incident, create a new MSI from the assessment record or promote the vulnerability assessment record to a major security incident. Leverage the Major Security Incident Management features such as the integrations with Microsoft Teams and Microsoft SharePoint.
You can also view the link to major security incidents on the Vulnerability Manager Workspace for vulnerable items. The MSIM link will be associated with the vulnerable assessment which will be shown on the vulnerability items and as well as on the other workspaces of Vulnerability Response.
Procedure
- Navigate to .
- Select the assessment record you want to link to a major security incident.
- Select the More Actions icon, on the Details tab.
-
Select one of the following.
Option Description Link to Major Security Incident Select the existing MSI record from the list of Major Security Incidents. The vulnerability assessment record is linked to the existing major security incident.
Propose as Major Security Incident Enter the following details and select Propose. - Detection Date
- Justification
- Potential Impact
Promote as Major Security Incident Enter the following details and select Promote. - Detection Date
- Estimated resolution date
- Justification
- Potential Impact
- Select Save.
What to do next
Select the MSI record to open the record in the Major Security Incident Management view.