Identify and mitigate potential system breaches and incidents in your environment.
The Incident View screen (XDR Threat Investigation > Workbench) displays a list of the incidents Trend Vision One generates automatically.
Trend Vision One creates incidents to group related alerts using advanced alert correlation and machine learning techniques.
The following table outlines the actions available in Incident View.
Action |
Description |
---|---|
View incident details |
Locate an incident and click the Incident ID to view the details of the incident. Tip:
Click the column headings to sort the incidents by Score, Incident ID, Last Updated, Associated Alerts, and creation time. |
Filter incident data |
Use the search box and dropdown liss to filter incident data.
|
Assign owner |
Select one or more incidents and click Assign Owner to assign accounts within your organization to the incidents. |
See Automated Response Playbooks |
Click Automated Response Playbooks to display the Automated Response playbooks available in the Security Playbooks app |