Add a security incident to a security case

  • Versão de lançamento: Australia
  • Atualizado 12 de mar. de 2026
  • 1 min. de leitura

    • If you determine that a security incident requires a higher level of analysis, add it to a new or existing case.

    Antes de Iniciar

    The Threat Intelligence plugin must be activated to use Security Case Management.

    Role required: sn_si.admin, sn_ti.case_user_write

    Procedimento

    1. Navigate to the security incident that requires escalation by clicking Security Incident > Incidents > Assigned to Me, and open the security incident.
    2. Click the Add to Security Case related link.
      The Add Security Incident(s) to Security Case dialog box opens.
      Add this security incident to an existing or new case
    3. If you have a case assigned to you that you want to add this security incident to, fill in the fields as appropriate, then click Submit.
      Field Description
      Security Case Select the security case.
      Optional notes As needed, enter additional notes that would be of value to the case analyst.
    4. If you have one or more cases assigned to you, but want to create a new case and assign the security incident to it, click Create new case to show additional fields.
      Add this security incident to a new case
      Nota:
      If you do not have any cases assigned to you, the screen above opens first.
    5. Fill in the fields as appropriate.
      Field Description
      Security Case Name Enter the name of the new security case.
      Description Enter a description for the case.
      Case Type Select the type of case being investigated.
      Optional notes As needed, enter additional notes that would be of value to the case analyst.
    6. Click Submit.
      A message appears at the top of the security incident, along with a link to the new case.