Security Incident Response Post Incident Review

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • Post incident review appears when an incident is moved to a Review state.

    For more detailed information on the conducting the post incident activities, see Post incident review report

    The Post incident review consists of the following sections:

    1. Assessments
    2. Reports
    From the Security Incident Response workspace, you will be able to request and take assessments using these new two UI actions.
    Name Description
    Assessments Assessment displays all the assessments that are associated with the security incident other assessments. The analyst will be able to take assessments and request assessments.
    • Take assessments: Click on Take assessments to take the assessments (if applicable) and complete the assessment. Before completing the assessment, the security incident state is Ready to take and Due date of the incident is indicated in Red.
    • Request assessments: Click on Request assessment for any additional assessments and you can add the new users whom you want to request.
      Note:
      Users who had already requested will not appear in this section.

      Any assessment for this incident has been configured based on the conditions set on the Post Incident Review, it be either mandatory or optional.
    Reports Modify the runtime configurations and generate the report.

    Select the Report instance, modify the filters and save the report. The analyst can preview and download the PIR report.