Incident View

Identify and mitigate potential system breaches and incidents in your environment.

The Incident View screen (XDR Threat Investigation > Workbench) displays a list of the incidents Trend Vision One generates automatically.

Trend Vision One creates incidents to group related alerts using advanced alert correlation and machine learning techniques.

The following table outlines the actions available in Incident View.

Action

Description

View incident details

Locate an incident and click the Incident ID to view the details of the incident.

Tip:

Click the column headings to sort the incidents by Score, Incident ID, Last Updated, Associated Alerts, and creation time.

Filter incident data

Use the search box and dropdown liss to filter incident data.

  • Created: The time when Trend Vision One generated the incident

  • Search: Allows you to search by Incident ID.

Assign owner

Select one or more incidents and click Assign Owner to assign accounts within your organization to the incidents.

See Automated Response Playbooks

Click Automated Response Playbooks to display the Automated Response playbooks available in the Security Playbooks app