Security Incident Response Explorer

The Security Incident Response Explorer provides a graphical view into security incident activity. It is provided with the base system. When the Security Incident Analytics plugin is activated, users can view filtered data.

The Security Incident ResponseExplorer homepage displays security incident information that is tailored to the role of the user.
Note: When the Security Incident Analytics plugin is activated, you can use Interactive Filters on the dashboard version to filter data. See Security Incident Response Explorer dashboard.
You can point to any part of a chart (bar, pie, data point, heatmap, and so on) to view general data specific to that part. See the following image. If you click any part of a report, a list opens to provide detailed information.
Security Incident Response Explorer homepage

Security Incident Response Explorer homepage

The Security Incident Response Explorer contains the following reports.
Table 1. Security Incident Response Explorer reports
Name Visual Description
Security Incidents Single score Total number of security incidents that match the areas shown.
Security Incident Assignment Heatmap heatmap The number of security incidents per assignment group and priority.
Security Incidents by Attack Category Bar chart The number of security incidents per attack category.
Security Incident Closures by Priority Bar chart The number of security incidents closed in order of priority.
Security Incident Map map Security incident data by geographical location. The world map is highlighted in every area in which an incident occurs. A map allows you to drill down to security incident information by location.

Security Incident Response Explorer dashboard

The Security Incident Response Explorer dashboard displays the same security incident information as the homepage. You can point to any part of a chart (bar, pie, data point, heatmap, and so on) to view general data specific to that part. Interactive filters allow you to customize your view. See the following image. If you click any part of a report, a list opens to provide detailed information.
Security Incident Response dashboard
Table 2. Security Incident Response Explorer dashboard filters
Name Visual Description
[Optional] These filters are only available when the Security Incident Analytics plugin is activated.
Security Incident - Subcategory Drop down menu Provides real-time filtering on selected category.
Security Incident - Subcategory Drop down menu Provides real-time filtering on selected subcategory.
Priority Drop down menu Provides real-time filtering based on priority.
Security Incident- Active Radio button Provides real-time filtering on active incidents.
Security Incident- Criticality Check box Provides real-time filtering based on criticality.